Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-5645 (GCVE-0-2017-5645)
Vulnerability from cvelistv5 – Published: 2017-04-17 21:00 – Updated: 2024-08-05 15:11
VLAI
EPSS
Summary
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Severity
9.8 (Critical)
CWE
- Remote Code Execution.
Assigner
References
82 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Log4j |
Affected:
All versions between 2.0-alpha1 and 2.8.1
|
Date Public
2017-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:47.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2888",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "All versions between 2.0-alpha1 and 2.8.1"
}
]
}
],
"datePublic": "2017-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-07T14:40:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "RHSA-2017:2888",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Log4j",
"version": {
"version_data": [
{
"version_value": "All versions between 2.0-alpha1 and 2.8.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2888",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3Ccommits.logging.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181107-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-1863",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3Cissues.beam.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3Cgithub.beam.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-5645",
"datePublished": "2017-04-17T21:00:00.000Z",
"dateReserved": "2017-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:47.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-5645",
"date": "2026-06-05",
"epss": "0.94013",
"percentile": "0.99899"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0\", \"versionEndExcluding\": \"2.8.2\", \"matchCriteriaId\": \"A364B542-9D74-48AD-9616-8F16107B3F9C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EC98B22-FFAA-4B59-8E63-EBAA4336AD13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5735E553-9731-4AAC-BCFF-989377F817B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7081652A-D28B-494E-94EF-CA88117F23EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B7A6697-98CC-4E36-93DB-B7160F8399F9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"077732DB-F5F3-4E9C-9AC0-8142AB85B32F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B99A2411-7F6A-457F-A7BF-EB13C630F902\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041F9200-4C01-4187-AE34-240E8277B54D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EB48767-F095-444F-9E05-D9AC345AB803\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F6FA12B-504C-4DBF-A32E-0548557AA2ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99A687E-EAE6-417E-A88E-D0082BC194CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5F7E11E-FB34-4467-8919-2B6BEAABF665\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5553591-073B-45E3-999F-21B8BA2EEE22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A125E817-F974-4509-872C-B71933F42AD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FAA9FFE-8F55-4E81-B62F-A5500468AD30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C41B952C-B6FD-4244-BEEE-A1EB73503594\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8972497F-6E24-45A9-9A18-EB0E842CB1D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"400509A8-D6F2-432C-A2F1-AD5B8778D0D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"132CE62A-FBFC-4001-81EC-35D81F73AF48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D8D08B8-CE61-45A3-BAC2-6D0E7D567B68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C83DA9A0-2EBC-4298-8412-1A7C4DC88C2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DC56004-4497-4CDD-AE76-5E3DFAE170F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"274A0CF5-41E8-42E0-9931-F7372A65B9C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66DCCCD9-2170-4675-A447-FB679BC28A74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD945A04-174C-46A2-935D-4F92631D1018\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0\", \"versionEndIncluding\": \"6.2\", \"matchCriteriaId\": \"9D5F8F04-7DFB-4B44-90CF-F1372DB8313C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.0.2\", \"matchCriteriaId\": \"A53B6FD8-8367-4915-B4D0-23572F31C539\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_network_integrity:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.3.2\", \"versionEndIncluding\": \"7.3.6\", \"matchCriteriaId\": \"ABD748C9-24F6-4739-9772-208B98616EE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15817206-C2AD-47B7-B40F-85BB36DB4E78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6C9F582-6C82-4994-9724-22E9575E48B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49BB6E9C-B630-4BDC-AEC1-7F031F612D6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"373C4024-679F-4C37-B408-0FB0D7FD845F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.2\", \"matchCriteriaId\": \"77120A3C-9A48-45FC-A620-5072AF325ACF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A76F09D-AF43-426B-A04F-79E1CAC51D03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5B5E83F-D4FD-4ABB-9B8E-97C0E7571AA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D03A8C9-35A5-4B75-9711-7A4A60457307\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36CF85A9-2C29-46E7-961E-8ADD0B5822CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FEB8446-7EAC-4A8D-B6EE-3AAC2294C324\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14480702-4398-4C28-82A6-E7329FB3B650\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F4E0F9A-D925-43FB-A1B7-452EEAE6BE2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"13.2.2.0.0\", \"matchCriteriaId\": \"C2239009-34CE-4E54-992B-835649C9D96F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41650E24-8BFD-42F0-A3E2-545118602690\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5AFC807-4873-42B3-AEDE-8633A9BDDEF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E3D0D69-6AFF-49DD-9BB4-5C0C6905D14E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"532955A8-7292-4662-9324-C961587C8657\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.3.3.0.0\", \"versionEndIncluding\": \"7.3.3.0.2\", \"matchCriteriaId\": \"6E3469D7-69E4-4242-B45A-C0CD9E691C4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0.0\", \"versionEndIncluding\": \"8.0.7.0.0\", \"matchCriteriaId\": \"1D94C05C-7403-47D3-98D8-2DA8373FEE6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0.0\", \"versionEndIncluding\": \"8.0.4.0.0\", \"matchCriteriaId\": \"46E31100-478A-480C-9518-A6D8FBB94B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48D8CC72-A67A-4CB0-948D-53488ACC7826\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DECBF5C-6C87-424F-A116-DD534EC5946C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3469C84E-50F3-4461-864C-E59174DDC981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.8.0\", \"matchCriteriaId\": \"2959030B-A9B7-4423-A2E8-9352FC83C4A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"317CA916-61F3-4E24-B42F-610A1C88A5BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E7791EF-A99D-4D52-AFC7-157372E88E21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"265B796B-2DDA-43A6-A3A9-1A79676F25C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0.0\", \"versionEndIncluding\": \"8.0.7.0.0\", \"matchCriteriaId\": \"D4279644-04B8-4E58-A38D-CD1E4FB1C39C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43422E17-1D41-497E-A60B-31B1B4D6D563\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9C146BA-6F4F-4A6F-8E53-8A4F5B8E15D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A34DF8-72CC-4A8E-84F2-C2DF4A0B9FAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21BE77B2-6368-470E-B9E6-21664D9A818A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3250073F-325A-4AFC-892F-F2005E3854A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"991A279B-9D7C-4E39-8827-BC21C2C03B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D151B58F-5583-4F19-B225-80075B45441B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7D665C9-408A-4039-A2D4-9EE565BC4656\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65B765DA-560B-4367-B9B0-B7369BC4D3DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CECECC34-8112-4328-BA49-39F30BE7874A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4855252-D6CA-461D-B196-30AFA7482868\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A79A489-F37C-420A-83B1-4482A8DFF9BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1489DDA7-EDBE-404C-B48D-F0B52B741708\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8BD581B-1CC0-4236-836A-204BBCBBBF77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16BBC649-7AA8-4B8E-9A3F-CC62948F0102\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"289702F6-1CC4-4D88-9745-EB0FA68A732B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.1\", \"versionEndIncluding\": \"17.3\", \"matchCriteriaId\": \"9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEE4B2F0-1AAB-4A1F-AE86-A568D43891B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C79B50C2-27C2-4A9C-ACEE-B70015283F58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ED4F724-C92F-4B4F-B631-81A4EA706DB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"900450EB-A71D-4A8E-B8C4-AFD36F9A36B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68017B52-6597-4E32-A38F-634B5635568C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A19D11A6-BA1D-4121-8686-C177C450777F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB6321F8-7A0A-4DB8-9889-3527023C652A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25F8E604-8180-4728-AD2D-7FF034E3E65A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02867DC7-E669-43C0-ACC4-E1CAA8B9994C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBAFA631-C92B-4FF7-8E65-07C67789EBCD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9652104A-119D-4327-A937-8BED23C23861\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A055CAA6-F789-4E63-A212-84DBAC4BF044\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7506589-9B3B-49BA-B826-774BFDCC45B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"042C243F-EDFE-4A04-AB0B-26E73CC34837\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.4.0.0\", \"versionEndIncluding\": \"3.4.7.4297\", \"matchCriteriaId\": \"48D04F3B-A385-4D8C-BD05-53006452346A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0.0.0\", \"versionEndIncluding\": \"4.0.4.5235\", \"matchCriteriaId\": \"4424C7C9-508B-4824-91A7-AFA1D8C8C698\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0.0\", \"versionEndIncluding\": \"8.0.0.8131\", \"matchCriteriaId\": \"BFFFF50D-D301-4752-B720-4340C69E2A98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B21E71BD-DD38-4634-BF9F-092D55000DE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D8B3B57-73D6-4402-987F-8AE723D52F94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62BF043E-BCB9-433D-BA09-7357853EE127\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F26FB80-F541-4B59-AC3C-633F49388B59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07EB8080-B6DE-47F4-B978-F56AEF7294BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AE52320-14DB-4BD5-A1E5-6BBE4829923A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C0B5E4B-BA35-4949-B7EC-70C5F5E44FD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"165E98B6-9ADA-46A7-92C0-E3624D6D89C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"092C9E61-8A0A-4348-A423-A9312D7D330F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01949739-F799-47FE-9118-617F84903F70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34FAA06A-F092-452A-B35C-BC133834DA59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8A9A0D5-95B9-47BB-8303-03D40DE46678\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F071925B-7B0A-4250-9A25-1221711453FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93CF9B92-309E-4356-B8C1-CB161A712479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CBCA717-6B8B-4CAF-8E9C-57335925CE2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FFEC4A8-E000-4921-8563-5BC3B0DC6C5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDB7DE72-2E0D-427D-AF1E-2BC068D0756B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C64A19B-BC3D-4C84-AE38-75EEAE3B5BEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5825956B-B0DD-4083-8E50-B8148F9F438E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"691A45D3-A594-4E95-9894-87B9FD6BE833\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F36C640-592C-4081-8B97-2432BF7DD1F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C477753B-2716-4266-815B-5BABDDFE1FDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F94F4C7-8E3E-4D0E-A5E7-E8D4E2D21D6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBCF09A6-8A57-40F4-9EB3-48F4806B4803\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBBE93A9-5628-4176-866E-88DE10B9778D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDB71361-D75B-4937-A48E-C2C0064E09FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEB68145-0577-472D-B310-A7BF065ADA9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56961578-6FCB-489C-8431-22F9D263DFFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93EA52BF-E710-4309-9272-8F81D5751ABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.2.0\", \"versionEndIncluding\": \"16.2.11\", \"matchCriteriaId\": \"06CF27F6-ADC1-480C-9D2E-2BD1E7330C32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.12.0\", \"versionEndIncluding\": \"17.12.7\", \"matchCriteriaId\": \"E4AA3854-C9FD-4287-85A0-EE7907D1E1ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D53690D-3390-4A27-988A-709CD89DD05B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A25285DC-9E51-44F8-818A-86A79B3565DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"517E0654-F1DE-43C4-90B5-FB90CA31734B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE91D517-D85D-4A8D-90DC-4561BBF8670E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202DE5CB-B3D4-4289-9AA2-24E9CE266EE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F7D07CB-15D2-424D-8E25-7AC59ACFFD05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE02A69E-F820-4261-8D7E-9B1021E5A9AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E306B67-E1BD-4A67-A77D-A7DC72D5B957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB5F56EC-8415-4BA1-9D8A-C77F4BB1AF62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"965BCB93-2DED-41FD-972E-FF5958691A35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07630491-0624-4C5C-A858-C5D3CDCD1B68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC9CA11F-F718-43E5-ADB9-6C348C75E37A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FBAAD32-1E9D-47F1-9F47-76FEA47EF54F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24A3C819-5151-4543-A5C6-998C9387C8A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"378A6656-252B-4929-83EA-BC107FDFD357\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"363395FA-C296-4B2B-9D6F-BCB8DBE6FACE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F62A2144-5EF8-4319-B8C2-D7975F51E5FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBAE649F-0389-4875-A995-E73E287AB342\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D5EC241-7D11-47F4-8B41-D362651A5E8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FCB6791-EBFA-4620-ABD4-D55CDCF3EA9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF4C318C-5D1E-479B-9597-9FAD9E186111\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65994DC4-C9C0-48B0-88AB-E2958B4EB9E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4580A7AB-54A9-4784-9087-A3F107258593\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70D4467D-6968-4557-AF61-AFD42B2B48D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9EB3DE5-142C-43A5-9735-CB73C54D42E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FD0EC40-B96B-4E9C-9A81-4E65C4B9512E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB1011D4-E5EE-4722-B644-D522EFC6337A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40B13B7-68B3-4510-968C-6A730EB46462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C93CC705-1F8C-4870-99E6-14BF264C3811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F14A818F-AA16-4438-A3E4-E64C9287AC66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicaci\\u00f3n, puede enviarse una carga binaria especialmente dise\\u00f1ada que, cuando se deserializa, puede ejecutar c\\u00f3digo arbitrario.\"}]",
"id": "CVE-2017-5645",
"lastModified": "2024-11-21T03:28:05.320",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-04-17T21:59:00.373",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2019/12/19/2\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97702\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040200\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041294\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1417\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1801\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1802\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2423\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2633\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2635\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2636\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2637\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2638\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2808\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2809\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2810\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2811\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2888\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2889\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3244\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3399\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3400\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1545\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-1863\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180726-0002/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20181107-0002/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/12/19/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97702\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040200\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041294\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1417\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1801\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1802\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2423\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2633\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2635\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2636\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2637\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2638\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2808\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2809\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2810\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2811\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2888\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2889\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3244\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3399\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3400\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1545\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-1863\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180726-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20181107-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-5645\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-04-17T21:59:00.373\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicaci\u00f3n, puede enviarse una carga binaria especialmente dise\u00f1ada que, cuando se deserializa, puede ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.8.2\",\"matchCriteriaId\":\"A364B542-9D74-48AD-9616-8F16107B3F9C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC98B22-FFAA-4B59-8E63-EBAA4336AD13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7081652A-D28B-494E-94EF-CA88117F23EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7A6697-98CC-4E36-93DB-B7160F8399F9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"077732DB-F5F3-4E9C-9AC0-8142AB85B32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B99A2411-7F6A-457F-A7BF-EB13C630F902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041F9200-4C01-4187-AE34-240E8277B54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB48767-F095-444F-9E05-D9AC345AB803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F6FA12B-504C-4DBF-A32E-0548557AA2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F7E11E-FB34-4467-8919-2B6BEAABF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5553591-073B-45E3-999F-21B8BA2EEE22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAA9FFE-8F55-4E81-B62F-A5500468AD30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C41B952C-B6FD-4244-BEEE-A1EB73503594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8972497F-6E24-45A9-9A18-EB0E842CB1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400509A8-D6F2-432C-A2F1-AD5B8778D0D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132CE62A-FBFC-4001-81EC-35D81F73AF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D8D08B8-CE61-45A3-BAC2-6D0E7D567B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C83DA9A0-2EBC-4298-8412-1A7C4DC88C2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC56004-4497-4CDD-AE76-5E3DFAE170F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"274A0CF5-41E8-42E0-9931-F7372A65B9C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66DCCCD9-2170-4675-A447-FB679BC28A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD945A04-174C-46A2-935D-4F92631D1018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"6.2\",\"matchCriteriaId\":\"9D5F8F04-7DFB-4B44-90CF-F1372DB8313C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.0.2\",\"matchCriteriaId\":\"A53B6FD8-8367-4915-B4D0-23572F31C539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.2\",\"versionEndIncluding\":\"7.3.6\",\"matchCriteriaId\":\"ABD748C9-24F6-4739-9772-208B98616EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15817206-C2AD-47B7-B40F-85BB36DB4E78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6C9F582-6C82-4994-9724-22E9575E48B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49BB6E9C-B630-4BDC-AEC1-7F031F612D6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"373C4024-679F-4C37-B408-0FB0D7FD845F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2\",\"matchCriteriaId\":\"77120A3C-9A48-45FC-A620-5072AF325ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A76F09D-AF43-426B-A04F-79E1CAC51D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B5E83F-D4FD-4ABB-9B8E-97C0E7571AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D03A8C9-35A5-4B75-9711-7A4A60457307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36CF85A9-2C29-46E7-961E-8ADD0B5822CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FEB8446-7EAC-4A8D-B6EE-3AAC2294C324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14480702-4398-4C28-82A6-E7329FB3B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F4E0F9A-D925-43FB-A1B7-452EEAE6BE2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"13.2.2.0.0\",\"matchCriteriaId\":\"C2239009-34CE-4E54-992B-835649C9D96F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41650E24-8BFD-42F0-A3E2-545118602690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5AFC807-4873-42B3-AEDE-8633A9BDDEF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E3D0D69-6AFF-49DD-9BB4-5C0C6905D14E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532955A8-7292-4662-9324-C961587C8657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3.0.0\",\"versionEndIncluding\":\"7.3.3.0.2\",\"matchCriteriaId\":\"6E3469D7-69E4-4242-B45A-C0CD9E691C4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.7.0.0\",\"matchCriteriaId\":\"1D94C05C-7403-47D3-98D8-2DA8373FEE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.4.0.0\",\"matchCriteriaId\":\"46E31100-478A-480C-9518-A6D8FBB94B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D8CC72-A67A-4CB0-948D-53488ACC7826\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DECBF5C-6C87-424F-A116-DD534EC5946C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3469C84E-50F3-4461-864C-E59174DDC981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.8.0\",\"matchCriteriaId\":\"2959030B-A9B7-4423-A2E8-9352FC83C4A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"317CA916-61F3-4E24-B42F-610A1C88A5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E7791EF-A99D-4D52-AFC7-157372E88E21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"265B796B-2DDA-43A6-A3A9-1A79676F25C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.7.0.0\",\"matchCriteriaId\":\"D4279644-04B8-4E58-A38D-CD1E4FB1C39C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43422E17-1D41-497E-A60B-31B1B4D6D563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C146BA-6F4F-4A6F-8E53-8A4F5B8E15D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A34DF8-72CC-4A8E-84F2-C2DF4A0B9FAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BE77B2-6368-470E-B9E6-21664D9A818A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3250073F-325A-4AFC-892F-F2005E3854A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991A279B-9D7C-4E39-8827-BC21C2C03B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D151B58F-5583-4F19-B225-80075B45441B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7D665C9-408A-4039-A2D4-9EE565BC4656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65B765DA-560B-4367-B9B0-B7369BC4D3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CECECC34-8112-4328-BA49-39F30BE7874A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4855252-D6CA-461D-B196-30AFA7482868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A79A489-F37C-420A-83B1-4482A8DFF9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1489DDA7-EDBE-404C-B48D-F0B52B741708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8BD581B-1CC0-4236-836A-204BBCBBBF77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16BBC649-7AA8-4B8E-9A3F-CC62948F0102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"289702F6-1CC4-4D88-9745-EB0FA68A732B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.1\",\"versionEndIncluding\":\"17.3\",\"matchCriteriaId\":\"9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEE4B2F0-1AAB-4A1F-AE86-A568D43891B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C79B50C2-27C2-4A9C-ACEE-B70015283F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED4F724-C92F-4B4F-B631-81A4EA706DB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900450EB-A71D-4A8E-B8C4-AFD36F9A36B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68017B52-6597-4E32-A38F-634B5635568C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A19D11A6-BA1D-4121-8686-C177C450777F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6321F8-7A0A-4DB8-9889-3527023C652A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F8E604-8180-4728-AD2D-7FF034E3E65A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02867DC7-E669-43C0-ACC4-E1CAA8B9994C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBAFA631-C92B-4FF7-8E65-07C67789EBCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9652104A-119D-4327-A937-8BED23C23861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A055CAA6-F789-4E63-A212-84DBAC4BF044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7506589-9B3B-49BA-B826-774BFDCC45B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"042C243F-EDFE-4A04-AB0B-26E73CC34837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0.0\",\"versionEndIncluding\":\"3.4.7.4297\",\"matchCriteriaId\":\"48D04F3B-A385-4D8C-BD05-53006452346A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0.0\",\"versionEndIncluding\":\"4.0.4.5235\",\"matchCriteriaId\":\"4424C7C9-508B-4824-91A7-AFA1D8C8C698\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.0.8131\",\"matchCriteriaId\":\"BFFFF50D-D301-4752-B720-4340C69E2A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B21E71BD-DD38-4634-BF9F-092D55000DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8B3B57-73D6-4402-987F-8AE723D52F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62BF043E-BCB9-433D-BA09-7357853EE127\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F26FB80-F541-4B59-AC3C-633F49388B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07EB8080-B6DE-47F4-B978-F56AEF7294BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE52320-14DB-4BD5-A1E5-6BBE4829923A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0B5E4B-BA35-4949-B7EC-70C5F5E44FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"165E98B6-9ADA-46A7-92C0-E3624D6D89C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092C9E61-8A0A-4348-A423-A9312D7D330F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01949739-F799-47FE-9118-617F84903F70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34FAA06A-F092-452A-B35C-BC133834DA59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8A9A0D5-95B9-47BB-8303-03D40DE46678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F071925B-7B0A-4250-9A25-1221711453FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93CF9B92-309E-4356-B8C1-CB161A712479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CBCA717-6B8B-4CAF-8E9C-57335925CE2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FFEC4A8-E000-4921-8563-5BC3B0DC6C5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDB7DE72-2E0D-427D-AF1E-2BC068D0756B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C64A19B-BC3D-4C84-AE38-75EEAE3B5BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5825956B-B0DD-4083-8E50-B8148F9F438E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691A45D3-A594-4E95-9894-87B9FD6BE833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F36C640-592C-4081-8B97-2432BF7DD1F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C477753B-2716-4266-815B-5BABDDFE1FDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F94F4C7-8E3E-4D0E-A5E7-E8D4E2D21D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBCF09A6-8A57-40F4-9EB3-48F4806B4803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBBE93A9-5628-4176-866E-88DE10B9778D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB71361-D75B-4937-A48E-C2C0064E09FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEB68145-0577-472D-B310-A7BF065ADA9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56961578-6FCB-489C-8431-22F9D263DFFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EA52BF-E710-4309-9272-8F81D5751ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.2.0\",\"versionEndIncluding\":\"16.2.11\",\"matchCriteriaId\":\"06CF27F6-ADC1-480C-9D2E-2BD1E7330C32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.7\",\"matchCriteriaId\":\"E4AA3854-C9FD-4287-85A0-EE7907D1E1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D53690D-3390-4A27-988A-709CD89DD05B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A25285DC-9E51-44F8-818A-86A79B3565DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"517E0654-F1DE-43C4-90B5-FB90CA31734B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE91D517-D85D-4A8D-90DC-4561BBF8670E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202DE5CB-B3D4-4289-9AA2-24E9CE266EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7D07CB-15D2-424D-8E25-7AC59ACFFD05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE02A69E-F820-4261-8D7E-9B1021E5A9AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E306B67-E1BD-4A67-A77D-A7DC72D5B957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5F56EC-8415-4BA1-9D8A-C77F4BB1AF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"965BCB93-2DED-41FD-972E-FF5958691A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07630491-0624-4C5C-A858-C5D3CDCD1B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC9CA11F-F718-43E5-ADB9-6C348C75E37A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBAAD32-1E9D-47F1-9F47-76FEA47EF54F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24A3C819-5151-4543-A5C6-998C9387C8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"378A6656-252B-4929-83EA-BC107FDFD357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"363395FA-C296-4B2B-9D6F-BCB8DBE6FACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F62A2144-5EF8-4319-B8C2-D7975F51E5FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAE649F-0389-4875-A995-E73E287AB342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5EC241-7D11-47F4-8B41-D362651A5E8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FCB6791-EBFA-4620-ABD4-D55CDCF3EA9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4C318C-5D1E-479B-9597-9FAD9E186111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65994DC4-C9C0-48B0-88AB-E2958B4EB9E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4580A7AB-54A9-4784-9087-A3F107258593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70D4467D-6968-4557-AF61-AFD42B2B48D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9EB3DE5-142C-43A5-9735-CB73C54D42E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FD0EC40-B96B-4E9C-9A81-4E65C4B9512E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB1011D4-E5EE-4722-B644-D522EFC6337A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B13B7-68B3-4510-968C-6A730EB46462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93CC705-1F8C-4870-99E6-14BF264C3811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/19/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97702\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040200\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041294\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1417\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1801\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1802\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2423\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2633\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2635\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2636\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2637\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2638\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2808\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2809\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2810\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2811\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2888\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2889\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3244\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3399\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3400\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1545\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-1863\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181107-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/19/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97702\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041294\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1802\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2635\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2809\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2810\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2889\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-1863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181107-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
RHSA-2017:2636
Vulnerability from csaf_redhat - Published: 2017-09-05 15:01 - Updated: 2026-05-14 22:23Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.
7.5 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
8.1 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
22 references
Acknowledgments
NSFOCUS
Liao Xinxi
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2636",
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2636.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7",
"tracking": {
"current_release_date": "2026-05-14T22:23:37+00:00",
"generator": {
"date": "2026-05-14T22:23:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2017:2636",
"initial_release_date": "2017-09-05T15:01:10+00:00",
"revision_history": [
{
"date": "2017-09-05T15:01:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-05T15:01:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:23:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"product": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"product": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"product": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src"
},
"product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
},
"product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
},
"product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:01:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:01:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:01:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
}
]
}
RHSA-2017:2637
Vulnerability from csaf_redhat - Published: 2017-09-05 15:04 - Updated: 2026-05-14 22:23Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.
7.5 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
8.1 (High)
Affected products
Fixed
173 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
22 references
Acknowledgments
NSFOCUS
Liao Xinxi
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2637",
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2637.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5",
"tracking": {
"current_release_date": "2026-05-14T22:23:35+00:00",
"generator": {
"date": "2026-05-14T22:23:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2017:2637",
"initial_release_date": "2017-09-05T15:04:25+00:00",
"revision_history": [
{
"date": "2017-09-05T15:04:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-05T15:04:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:23:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"product": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"product": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"product": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src"
},
"product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch"
},
"product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src"
},
"product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:04:25+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:04:25+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:04:25+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
}
]
}
RHSA-2017:2638
Vulnerability from csaf_redhat - Published: 2017-09-05 15:36 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update
Severity
Important
Notes
Topic: An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)
* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
26 references
Acknowledgments
NSFOCUS
Liao Xinxi
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2638",
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2638.json"
}
],
"title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-05-28T20:35:42+00:00",
"generator": {
"date": "2026-05-28T20:35:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:2638",
"initial_release_date": "2017-09-05T15:36:46+00:00",
"revision_history": [
{
"date": "2017-09-05T15:36:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-05T15:36:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"product": {
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src"
},
"product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:36:46+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-5664",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2017-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1459158"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Security constrained bypass in error page mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file. The default for readonly is true.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5664"
},
{
"category": "external",
"summary": "RHBZ#1459158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
}
],
"release_date": "2017-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:36:46+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"category": "workaround",
"details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Security constrained bypass in error page mechanism"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:36:46+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-05T15:36:46+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
RHSA-2017:2808
Vulnerability from csaf_redhat - Published: 2017-09-26 18:39 - Updated: 2026-05-14 22:23Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)
The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.
5.1 (Medium)
Affected products
Fixed
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information.
5.5 (Medium)
Affected products
Fixed
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
6.5 (Medium)
Affected products
Fixed
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
6.3 (Medium)
Affected products
Fixed
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
31 references
Acknowledgments
Red Hat
Hynek Mlnarik
Red Hat
Gunnar Morling
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2808",
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"category": "external",
"summary": "1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "JBEAP-11485",
"url": "https://issues.redhat.com/browse/JBEAP-11485"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2808.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update",
"tracking": {
"current_release_date": "2026-05-14T22:23:42+00:00",
"generator": {
"date": "2026-05-14T22:23:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2017:2808",
"initial_release_date": "2017-09-26T18:39:54+00:00",
"revision_history": [
{
"date": "2017-09-26T18:39:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T18:39:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:23:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-13.redhat_4.ep7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product_id": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-13.redhat_4.ep7.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"product": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"product_id": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-13.redhat_4.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.1.4-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.7-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"product": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"product_id": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@5.2.5-2.Final_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.24-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"product": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"product_id": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-3.redhat_2.2.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"product_id": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.2-2.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remote-naming@2.0.5-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jms-api_2.0_spec@1.0.1-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.8-1.GA_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"product_id": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.8-4.GA_redhat_1.1.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.1.4-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-appclient@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ear@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-common@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ejb@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-web@10.0.2-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.7-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@5.2.5-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@5.2.5-2.Final_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.24-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-9.SP8_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.56.0-3.redhat_2.2.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_id": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-3.redhat_2.2.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.56.0-3.redhat_2.2.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.56.0-3.redhat_2.2.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.2-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remote-naming@2.0.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jms-api_2.0_spec@1.0.1-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.8-1.GA_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.8-4.GA_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.8-4.GA_redhat_1.1.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src"
},
"product_reference": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64"
},
"product_reference": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src"
},
"product_reference": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src"
},
"product_reference": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9970",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1455566"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jasypt: Vulnerable to timing attack against the password hash comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-9970"
},
{
"category": "external",
"summary": "RHBZ#1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-9970",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970"
}
],
"release_date": "2017-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:39:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jasypt: Vulnerable to timing attack against the password hash comparison"
},
{
"cve": "CVE-2015-6644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1444015"
}
],
"notes": [
{
"category": "description",
"text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: Information disclosure in GCMBlockCipher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-6644"
},
{
"category": "external",
"summary": "RHBZ#1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
}
],
"release_date": "2016-01-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:39:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: Information disclosure in GCMBlockCipher"
},
{
"acknowledgments": [
{
"names": [
"Hynek Mlnarik"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2582",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2017-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1410481"
}
],
"notes": [
{
"category": "description",
"text": "It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: SAML request parser replaces special strings with system properties",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2582"
},
{
"category": "external",
"summary": "RHBZ#1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:39:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: SAML request parser replaces special strings with system properties"
},
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:39:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gunnar Morling"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7536",
"discovery_date": "2017-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1465573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Privilege escalation when running under the security manager",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7536"
},
{
"category": "external",
"summary": "RHBZ#1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:39:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Privilege escalation when running under the security manager"
}
]
}
RHSA-2017:2809
Vulnerability from csaf_redhat - Published: 2017-09-26 18:51 - Updated: 2026-05-14 22:23Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)
The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.
5.1 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information.
5.5 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
6.5 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
6.3 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
31 references
Acknowledgments
Red Hat
Hynek Mlnarik
Red Hat
Gunnar Morling
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2809",
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"category": "external",
"summary": "1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "JBEAP-11484",
"url": "https://issues.redhat.com/browse/JBEAP-11484"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2809.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update",
"tracking": {
"current_release_date": "2026-05-14T22:23:48+00:00",
"generator": {
"date": "2026-05-14T22:23:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2017:2809",
"initial_release_date": "2017-09-26T18:51:56+00:00",
"revision_history": [
{
"date": "2017-09-26T18:51:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T18:51:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:23:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-13.redhat_4.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product_id": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-13.redhat_4.ep7.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-13.redhat_4.ep7.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product_id": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-13.redhat_4.ep7.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"product": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"product_id": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-13.redhat_4.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.1.4-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.7-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"product": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"product_id": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@5.2.5-2.Final_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.24-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"product_id": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.2-2.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"product": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"product_id": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-3.redhat_2.2.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remote-naming@2.0.5-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jms-api_2.0_spec@1.0.1-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.8-1.GA_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"product_id": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.8-4.GA_redhat_1.1.ep7.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.1.4-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-appclient@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ear@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-common@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ejb@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-web@10.0.2-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.7-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@5.2.5-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@5.2.5-2.Final_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.24-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-9.SP8_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.2-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.56.0-3.redhat_2.2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_id": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-3.redhat_2.2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.56.0-3.redhat_2.2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.56.0-3.redhat_2.2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remote-naming@2.0.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jms-api_2.0_spec@1.0.1-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.8-1.GA_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.8-4.GA_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.8-4.GA_redhat_1.1.ep7.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686"
},
"product_reference": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src"
},
"product_reference": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64"
},
"product_reference": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src"
},
"product_reference": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src"
},
"product_reference": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9970",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1455566"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jasypt: Vulnerable to timing attack against the password hash comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-9970"
},
{
"category": "external",
"summary": "RHBZ#1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-9970",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970"
}
],
"release_date": "2017-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:51:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jasypt: Vulnerable to timing attack against the password hash comparison"
},
{
"cve": "CVE-2015-6644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1444015"
}
],
"notes": [
{
"category": "description",
"text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: Information disclosure in GCMBlockCipher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-6644"
},
{
"category": "external",
"summary": "RHBZ#1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
}
],
"release_date": "2016-01-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:51:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: Information disclosure in GCMBlockCipher"
},
{
"acknowledgments": [
{
"names": [
"Hynek Mlnarik"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2582",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2017-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1410481"
}
],
"notes": [
{
"category": "description",
"text": "It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: SAML request parser replaces special strings with system properties",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2582"
},
{
"category": "external",
"summary": "RHBZ#1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:51:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: SAML request parser replaces special strings with system properties"
},
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:51:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gunnar Morling"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7536",
"discovery_date": "2017-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1465573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Privilege escalation when running under the security manager",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7536"
},
{
"category": "external",
"summary": "RHBZ#1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:51:56+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-13.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-bouncycastle-mail-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-pkix-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-bouncycastle-prov-0:1.56.0-3.redhat_2.2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-validator-cdi-0:5.2.5-2.Final_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-metadata-appclient-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-common-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ear-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-ejb-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-metadata-web-0:10.0.2-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-9.SP8_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.8-4.GA_redhat_1.1.ep7.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Privilege escalation when running under the security manager"
}
]
}
RHSA-2017:2810
Vulnerability from csaf_redhat - Published: 2017-09-26 17:58 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)
The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.
5.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
6.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
35 references
Acknowledgments
Red Hat
Hynek Mlnarik
Red Hat
Gunnar Morling
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2810",
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2810.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update",
"tracking": {
"current_release_date": "2026-05-28T20:35:43+00:00",
"generator": {
"date": "2026-05-28T20:35:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:2810",
"initial_release_date": "2017-09-26T17:58:02+00:00",
"revision_history": [
{
"date": "2017-09-26T17:58:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T17:58:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7",
"product": {
"name": "Red Hat JBoss EAP 7",
"product_id": "Red Hat JBoss EAP 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9970",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1455566"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jasypt: Vulnerable to timing attack against the password hash comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-9970"
},
{
"category": "external",
"summary": "RHBZ#1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-9970",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970"
}
],
"release_date": "2017-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jasypt: Vulnerable to timing attack against the password hash comparison"
},
{
"cve": "CVE-2015-6644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1444015"
}
],
"notes": [
{
"category": "description",
"text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: Information disclosure in GCMBlockCipher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-6644"
},
{
"category": "external",
"summary": "RHBZ#1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
}
],
"release_date": "2016-01-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: Information disclosure in GCMBlockCipher"
},
{
"acknowledgments": [
{
"names": [
"Hynek Mlnarik"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2582",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2017-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1410481"
}
],
"notes": [
{
"category": "description",
"text": "It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: SAML request parser replaces special strings with system properties",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2582"
},
{
"category": "external",
"summary": "RHBZ#1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: SAML request parser replaces special strings with system properties"
},
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gunnar Morling"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7536",
"discovery_date": "2017-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1465573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Privilege escalation when running under the security manager",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7536"
},
{
"category": "external",
"summary": "RHBZ#1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Privilege escalation when running under the security manager"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:58:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"Red Hat JBoss EAP 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
RHSA-2017:2811
Vulnerability from csaf_redhat - Published: 2017-09-26 19:14 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: eap7-jboss-ec2-eap security update
Severity
Important
Notes
Topic: An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.
Refer to the JBoss Enterprise Application Platform 7.0.8 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)
The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.
5.1 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information.
5.5 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
6.5 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
6.3 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
35 references
Acknowledgments
Red Hat
Hynek Mlnarik
Red Hat
Gunnar Morling
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.\n\nRefer to the JBoss Enterprise Application Platform 7.0.8 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2811",
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"category": "external",
"summary": "1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "JBEAP-11487",
"url": "https://issues.redhat.com/browse/JBEAP-11487"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2811.json"
}
],
"title": "Red Hat Security Advisory: eap7-jboss-ec2-eap security update",
"tracking": {
"current_release_date": "2026-05-28T20:35:44+00:00",
"generator": {
"date": "2026-05-28T20:35:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:2811",
"initial_release_date": "2017-09-26T19:14:16+00:00",
"revision_history": [
{
"date": "2017-09-26T19:14:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T19:14:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.8-1.GA_redhat_1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.8-1.GA_redhat_1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.8-1.GA_redhat_1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.8-1.GA_redhat_1.ep7.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.8-1.GA_redhat_1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.8-1.GA_redhat_1.ep7.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9970",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1455566"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jasypt: Vulnerable to timing attack against the password hash comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-9970"
},
{
"category": "external",
"summary": "RHBZ#1455566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455566"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-9970",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9970"
}
],
"release_date": "2017-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jasypt: Vulnerable to timing attack against the password hash comparison"
},
{
"cve": "CVE-2015-6644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2017-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1444015"
}
],
"notes": [
{
"category": "description",
"text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: Information disclosure in GCMBlockCipher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-6644"
},
{
"category": "external",
"summary": "RHBZ#1444015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
}
],
"release_date": "2016-01-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: Information disclosure in GCMBlockCipher"
},
{
"acknowledgments": [
{
"names": [
"Hynek Mlnarik"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2582",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2017-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1410481"
}
],
"notes": [
{
"category": "description",
"text": "It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: SAML request parser replaces special strings with system properties",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2582"
},
{
"category": "external",
"summary": "RHBZ#1410481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: SAML request parser replaces special strings with system properties"
},
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gunnar Morling"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7536",
"discovery_date": "2017-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1465573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when the security manager\u0027s reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Privilege escalation when running under the security manager",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7536"
},
{
"category": "external",
"summary": "RHBZ#1465573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7536"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Privilege escalation when running under the security manager"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:14:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.8-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
RHSA-2017:2888
Vulnerability from csaf_redhat - Published: 2017-10-12 21:59 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.6 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss BRMS.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.
This release of Red Hat JBoss BRMS 6.4.6 serves as a replacement for Red Hat JBoss BRMS 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type 'void'. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BRMS 6.4
Red Hat / Red Hat Decision Manager
|
cpe:/a:redhat:jboss_enterprise_brms_platform:6.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type 'void'. An attacker could use this flaw to create a denial of service on the target system.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BRMS 6.4
Red Hat / Red Hat Decision Manager
|
cpe:/a:redhat:jboss_enterprise_brms_platform:6.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BRMS 6.4
Red Hat / Red Hat Decision Manager
|
cpe:/a:redhat:jboss_enterprise_brms_platform:6.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss BRMS.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.\n\nThis release of Red Hat JBoss BRMS 6.4.6 serves as a replacement for Red Hat JBoss BRMS 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2888",
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/"
},
{
"category": "external",
"summary": "1441538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2888.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.6 security update",
"tracking": {
"current_release_date": "2026-05-28T20:35:44+00:00",
"generator": {
"date": "2026-05-28T20:35:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:2888",
"initial_release_date": "2017-10-12T21:59:23+00:00",
"revision_history": [
{
"date": "2017-10-12T21:59:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-12T21:59:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BRMS 6.4",
"product": {
"name": "Red Hat JBoss BRMS 6.4",
"product_id": "Red Hat JBoss BRMS 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:23+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-7957",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441538"
}
],
"notes": [
{
"category": "description",
"text": "It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: DoS when unmarshalling void type",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7957"
},
{
"category": "external",
"summary": "RHBZ#1441538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7957",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7957"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957"
},
{
"category": "external",
"summary": "http://x-stream.github.io/CVE-2017-7957.html",
"url": "http://x-stream.github.io/CVE-2017-7957.html"
}
],
"release_date": "2017-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:23+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "XStream: DoS when unmarshalling void type"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:23+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"Red Hat JBoss BRMS 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss BRMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
RHSA-2017:2889
Vulnerability from csaf_redhat - Published: 2017-10-12 21:59 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.4.6 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss BPM Suite.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes.
This release of Red Hat JBoss BPM Suite 6.4.6 serves as a replacement for Red Hat JBoss BPM Suite 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type 'void'. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BPMS 6.4
Red Hat / Red Hat Process Automation Manager
|
cpe:/a:redhat:jboss_bpms:6.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type 'void'. An attacker could use this flaw to create a denial of service on the target system.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BPMS 6.4
Red Hat / Red Hat Process Automation Manager
|
cpe:/a:redhat:jboss_bpms:6.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss BPMS 6.4
Red Hat / Red Hat Process Automation Manager
|
cpe:/a:redhat:jboss_bpms:6.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss BPM Suite.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes.\n\nThis release of Red Hat JBoss BPM Suite 6.4.6 serves as a replacement for Red Hat JBoss BPM Suite 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2889",
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/"
},
{
"category": "external",
"summary": "1441538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2889.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.4.6 security update",
"tracking": {
"current_release_date": "2026-05-28T20:35:48+00:00",
"generator": {
"date": "2026-05-28T20:35:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:2889",
"initial_release_date": "2017-10-12T21:59:42+00:00",
"revision_history": [
{
"date": "2017-10-12T21:59:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-12T21:59:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BPMS 6.4",
"product": {
"name": "Red Hat JBoss BPMS 6.4",
"product_id": "Red Hat JBoss BPMS 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_bpms:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-7957",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1441538"
}
],
"notes": [
{
"category": "description",
"text": "It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: DoS when unmarshalling void type",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7957"
},
{
"category": "external",
"summary": "RHBZ#1441538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7957",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7957"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957"
},
{
"category": "external",
"summary": "http://x-stream.github.io/CVE-2017-7957.html",
"url": "http://x-stream.github.io/CVE-2017-7957.html"
}
],
"release_date": "2017-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "XStream: DoS when unmarshalling void type"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-12T21:59:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"Red Hat JBoss BPMS 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss BPMS 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
RHSA-2017:3244
Vulnerability from csaf_redhat - Published: 2017-11-16 19:52 - Updated: 2026-05-28 20:35Summary
Red Hat Security Advisory: Red Hat JBoss Data Grid 7.1.1 security update
Severity
Important
Notes
Topic: Red Hat JBoss Data Grid 7.1.1 is now available for download from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan.
This release of Red Hat JBoss Data Grid 7.1.1 serves as a replacement for Red Hat JBoss Data Grid 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.
Security Fix(es):
* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API. (CVE-2017-12629)
* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
* The hotrod java client in infinispan automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks. (CVE-2016-0750)
For more information regarding CVE-2017-12629, see the article linked in the references section.
Red Hat would like to thank Sebastian Olsson (TrueSec) for reporting CVE-2016-0750.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The hotrod java client in infinispan automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks.
4.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Data Grid 7.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Data Grid 7.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Data Grid 7.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Data Grid 7.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Data Grid 7.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
30 references
Acknowledgments
TrueSec
Sebastian Olsson
Gregory Ramsperger
Ryan Moak
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Data Grid 7.1.1 is now available for download from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan.\n\nThis release of Red Hat JBoss Data Grid 7.1.1 serves as a replacement for Red Hat JBoss Data Grid 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API. (CVE-2017-12629)\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* The hotrod java client in infinispan automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks. (CVE-2016-0750)\n\nFor more information regarding CVE-2017-12629, see the article linked in the references section.\n\nRed Hat would like to thank Sebastian Olsson (TrueSec) for reporting CVE-2016-0750.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3244",
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629",
"url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=distributions\u0026version=7.1.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=distributions\u0026version=7.1.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/",
"url": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/"
},
{
"category": "external",
"summary": "1300443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300443"
},
{
"category": "external",
"summary": "1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "1501529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3244.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Data Grid 7.1.1 security update",
"tracking": {
"current_release_date": "2026-05-28T20:35:45+00:00",
"generator": {
"date": "2026-05-28T20:35:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2017:3244",
"initial_release_date": "2017-11-16T19:52:09+00:00",
"revision_history": [
{
"date": "2017-11-16T19:52:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-16T19:52:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:35:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Data Grid 7.1",
"product": {
"name": "Red Hat JBoss Data Grid 7.1",
"product_id": "Red Hat JBoss Data Grid 7.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:7.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Sebastian Olsson"
],
"organization": "TrueSec"
}
],
"cve": "CVE-2016-0750",
"cwe": {
"id": "CWE-138",
"name": "Improper Neutralization of Special Elements"
},
"discovery_date": "2015-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1300443"
}
],
"notes": [
{
"category": "description",
"text": "The hotrod java client in infinispan automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "client: unchecked deserialization in marshaller util",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Data Grid 7.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0750"
},
{
"category": "external",
"summary": "RHBZ#1300443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0750",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0750"
}
],
"release_date": "2017-11-16T18:11:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-16T19:52:09+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update).\n\nBefore applying the update, back up your existing Red Hat JBoss Data Grid installation (including databases, configuration files, and so on).",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "client: unchecked deserialization in marshaller util"
},
{
"acknowledgments": [
{
"names": [
"Gregory Ramsperger",
"Ryan Moak"
]
}
],
"cve": "CVE-2017-2670",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2017-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1438885"
}
],
"notes": [
{
"category": "description",
"text": "It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: IO thread DoS via unclean Websocket closing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Data Grid 7.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2670"
},
{
"category": "external",
"summary": "RHBZ#1438885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1438885"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2670",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2670"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2670",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2670"
}
],
"release_date": "2017-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-16T19:52:09+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update).\n\nBefore applying the update, back up your existing Red Hat JBoss Data Grid installation (including databases, configuration files, and so on).",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: IO thread DoS via unclean Websocket closing"
},
{
"cve": "CVE-2017-5645",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1443635"
}
],
"notes": [
{
"category": "description",
"text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Socket receiver deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Data Grid 7.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-5645"
},
{
"category": "external",
"summary": "RHBZ#1443635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
}
],
"release_date": "2017-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-16T19:52:09+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update).\n\nBefore applying the update, back up your existing Red Hat JBoss Data Grid installation (including databases, configuration files, and so on).",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Socket receiver deserialization vulnerability"
},
{
"cve": "CVE-2017-12629",
"cwe": {
"id": "CWE-138",
"name": "Improper Neutralization of Special Elements"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501529"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Solr: Code execution via entity expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following products are not affected by this flaw, as they do not use the vulnerable functionality of either aspect of the issue.\nRed Hat JBoss Enterprise Application Platform 6\nRed Hat JBoss BPM Suite\nRed Hat JBoss BRMS\nRed Hat Enterprise Virtualization Manager\nRed Hat Single Sign-On 7\nRed Hat JBoss Portal Platform 6\n\nRed Hat JBoss Enterprise Application Platform 7 is not affected by this flaw. However, it does ship the vulnerable Lucene class in a dependency to another component. Customers who reuse the lucene-queryparser jar in their applications may be vulnerable to the External Entity Expansion aspect of this flaw. This will be patched in a forthcoming release.\n\nRed Hat JBoss Fuse is not affected by this flaw, as it does not use the vulnerable functionality of either aspect of this flaw. Fuse customers who may be running external Solr servers, while not affected from the Fuse side, are advised to secure their Solr servers as recommended in the mitigation provided.\n\nThe following products ship only the Lucene components relevant to this flaw, and are not vulnerable to the second portion of the vulnerability, the code execution exploit. As such, the impact of this flaw has been determined to be Moderate for these respective products:\nRed Hat JBoss Data Grid 7 \nRed Hat Enterprise Linux 6\nRed Hat Software Collections 2.4\n\nThis issue did not affect the versions of lucene as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does not affect Elasticsearch as shipped in OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Data Grid 7.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12629"
},
{
"category": "external",
"summary": "RHBZ#1501529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629",
"url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629"
}
],
"release_date": "2017-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-16T19:52:09+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update).\n\nBefore applying the update, back up your existing Red Hat JBoss Data Grid installation (including databases, configuration files, and so on).",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"category": "workaround",
"details": "Until fixes are available, all Solr users are advised to restart their Solr instances with the system parameter `-Ddisable.configEdit=true`. This will disallow any changes to be made to configurations via the Config API. This is a key factor in this vulnerability, since it allows GET requests to add the RunExecutableListener to the config.\n\nThis is sufficient to protect from this type of attack, but means you cannot use the edit capabilities of the Config API until further fixes are in place.",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Solr: Code execution via entity expansion"
},
{
"cve": "CVE-2019-17571",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: deserialization of untrusted data in SocketServer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Data Grid 7.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17571"
},
{
"category": "external",
"summary": "RHBZ#1785616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
}
],
"release_date": "2019-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-16T19:52:09+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update).\n\nBefore applying the update, back up your existing Red Hat JBoss Data Grid installation (including databases, configuration files, and so on).",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"category": "workaround",
"details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
"product_ids": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Data Grid 7.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: deserialization of untrusted data in SocketServer"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…