Action not permitted
Modal body text goes here.
CVE-2019-14885
Vulnerability from cvelistv5
Published
2020-01-23 00:00
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885 | Issue Tracking, Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:26:39.249Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "JBoss EAP", "vendor": "Red Hat", "versions": [ { "status": "affected", "version": "All versions before 7.2.6.GA" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-14885", "datePublished": "2020-01-23T00:00:00", "dateReserved": "2019-08-10T00:00:00", "dateUpdated": "2024-08-05T00:26:39.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-14885\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-01-23T22:15:10.090\",\"lastModified\":\"2024-11-21T04:27:36.600\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un fallo en el sistema JBoss EAP Vault en todas las versiones anteriores a 7.2.6.GA. La informaci\u00f3n confidencial del valor del atributo de seguridad de la propiedad del sistema es revelada en el archivo de registro de JBoss EAP cuando se ejecuta un comando \\\"reload\\\" de la CLI de JBoss. Este fallo puede conllevar a la exposici\u00f3n de informaci\u00f3n confidencial.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.6\",\"matchCriteriaId\":\"1DD09F25-C666-447A-BBDD-A8C86AB9B7E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DDBD481-01D9-472E-9981-B888406CA39C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}" } }
rhsa-2020_2168
Vulnerability from csaf_redhat
Published
2020-05-14 11:46
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.
Security Fix(es):
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2168", "url": "https://access.redhat.com/errata/RHSA-2020:2168" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2168.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update", "tracking": { "current_release_date": "2024-11-22T13:18:53+00:00", "generator": { "date": "2024-11-22T13:18:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2168", "initial_release_date": "2020-05-14T11:46:26+00:00", "revision_history": [ { "date": "2020-05-14T11:46:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-05-14T11:46:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 async", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 async", "product_id": "Red Hat JBoss Enterprise Application Platform 6.4 async", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-14T11:46:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. The JBoss server process must be restarted for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2168" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" } ] }
rhsa-2020_0161
Vulnerability from csaf_redhat
Published
2020-01-21 03:22
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0161", "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "JBEAP-17491", "url": "https://issues.redhat.com/browse/JBEAP-17491" }, { "category": "external", "summary": "JBEAP-17541", "url": "https://issues.redhat.com/browse/JBEAP-17541" }, { "category": "external", "summary": "JBEAP-17651", "url": "https://issues.redhat.com/browse/JBEAP-17651" }, { "category": "external", "summary": "JBEAP-17652", "url": "https://issues.redhat.com/browse/JBEAP-17652" }, { "category": "external", "summary": "JBEAP-17666", "url": "https://issues.redhat.com/browse/JBEAP-17666" }, { "category": "external", "summary": "JBEAP-17773", "url": "https://issues.redhat.com/browse/JBEAP-17773" }, { "category": "external", "summary": "JBEAP-17779", "url": "https://issues.redhat.com/browse/JBEAP-17779" }, { "category": "external", "summary": "JBEAP-17789", "url": "https://issues.redhat.com/browse/JBEAP-17789" }, { "category": "external", "summary": "JBEAP-17805", "url": "https://issues.redhat.com/browse/JBEAP-17805" }, { "category": "external", "summary": "JBEAP-17836", "url": "https://issues.redhat.com/browse/JBEAP-17836" }, { "category": "external", "summary": "JBEAP-17837", "url": "https://issues.redhat.com/browse/JBEAP-17837" }, { "category": "external", "summary": "JBEAP-17887", "url": "https://issues.redhat.com/browse/JBEAP-17887" }, { "category": "external", "summary": "JBEAP-17898", "url": "https://issues.redhat.com/browse/JBEAP-17898" }, { "category": "external", "summary": "JBEAP-17905", "url": "https://issues.redhat.com/browse/JBEAP-17905" }, { "category": "external", "summary": "JBEAP-17906", "url": "https://issues.redhat.com/browse/JBEAP-17906" }, { "category": "external", "summary": "JBEAP-17940", "url": "https://issues.redhat.com/browse/JBEAP-17940" }, { "category": "external", "summary": "JBEAP-17945", "url": "https://issues.redhat.com/browse/JBEAP-17945" }, { "category": "external", "summary": "JBEAP-17974", "url": "https://issues.redhat.com/browse/JBEAP-17974" }, { "category": "external", "summary": "JBEAP-17998", "url": "https://issues.redhat.com/browse/JBEAP-17998" }, { "category": "external", "summary": "JBEAP-18169", "url": "https://issues.redhat.com/browse/JBEAP-18169" }, { "category": "external", "summary": "JBEAP-18170", "url": "https://issues.redhat.com/browse/JBEAP-18170" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0161.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update", "tracking": { "current_release_date": "2024-11-22T13:18:29+00:00", "generator": { "date": "2024-11-22T13:18:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0161", "initial_release_date": "2020-01-21T03:22:56+00:00", "revision_history": [ { "date": "2020-01-21T03:22:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-01-21T03:22:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el8eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Dominik Mizyn" ], "organization": "Samsung R\u0026D Institute Poland" } ], "cve": "CVE-2019-10219", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-05-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1738673" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "hibernate-validator: safeHTML validator allows XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10219" }, { "category": "external", "summary": "RHBZ#1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219" } ], "release_date": "2019-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hibernate-validator: safeHTML validator allows XSS" }, { "cve": "CVE-2019-14540", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755849" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14540" }, { "category": "external", "summary": "RHBZ#1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig" }, { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "acknowledgments": [ { "names": [ "Henning Baldersheim", "H\u00e5vard Pettersen" ], "organization": "Verizon Media" } ], "cve": "CVE-2019-14888", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772464" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14888" }, { "category": "external", "summary": "RHBZ#1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888" } ], "release_date": "2020-01-20T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS" }, { "cve": "CVE-2019-14892", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758171" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14892" }, { "category": "external", "summary": "RHBZ#1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" } ], "release_date": "2019-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package" }, { "cve": "CVE-2019-14893", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758182" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the xalan package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14893" }, { "category": "external", "summary": "RHBZ#1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the xalan package" }, { "cve": "CVE-2019-16335", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755831" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16335" }, { "category": "external", "summary": "RHBZ#1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource" }, { "cve": "CVE-2019-16869", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758619" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16869" }, { "category": "external", "summary": "RHBZ#1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869" } ], "release_date": "2019-09-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers" }, { "cve": "CVE-2019-16942", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758187" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16942" }, { "category": "external", "summary": "RHBZ#1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*" }, { "cve": "CVE-2019-16943", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758191" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16943" }, { "category": "external", "summary": "RHBZ#1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource" }, { "cve": "CVE-2019-17267", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758167" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the ehcache package", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17267" }, { "category": "external", "summary": "RHBZ#1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" } ], "release_date": "2019-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the ehcache package" }, { "cve": "CVE-2019-17531", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775293" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17531" }, { "category": "external", "summary": "RHBZ#1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531" } ], "release_date": "2019-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:22:56+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*" } ] }
rhsa-2020_0159
Vulnerability from csaf_redhat
Published
2020-01-21 02:57
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0159", "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "JBEAP-17491", "url": "https://issues.redhat.com/browse/JBEAP-17491" }, { "category": "external", "summary": "JBEAP-17541", "url": "https://issues.redhat.com/browse/JBEAP-17541" }, { "category": "external", "summary": "JBEAP-17651", "url": "https://issues.redhat.com/browse/JBEAP-17651" }, { "category": "external", "summary": "JBEAP-17652", "url": "https://issues.redhat.com/browse/JBEAP-17652" }, { "category": "external", "summary": "JBEAP-17666", "url": "https://issues.redhat.com/browse/JBEAP-17666" }, { "category": "external", "summary": "JBEAP-17773", "url": "https://issues.redhat.com/browse/JBEAP-17773" }, { "category": "external", "summary": "JBEAP-17779", "url": "https://issues.redhat.com/browse/JBEAP-17779" }, { "category": "external", "summary": "JBEAP-17789", "url": "https://issues.redhat.com/browse/JBEAP-17789" }, { "category": "external", "summary": "JBEAP-17805", "url": "https://issues.redhat.com/browse/JBEAP-17805" }, { "category": "external", "summary": "JBEAP-17834", "url": "https://issues.redhat.com/browse/JBEAP-17834" }, { "category": "external", "summary": "JBEAP-17837", "url": "https://issues.redhat.com/browse/JBEAP-17837" }, { "category": "external", "summary": "JBEAP-17887", "url": "https://issues.redhat.com/browse/JBEAP-17887" }, { "category": "external", "summary": "JBEAP-17898", "url": "https://issues.redhat.com/browse/JBEAP-17898" }, { "category": "external", "summary": "JBEAP-17905", "url": "https://issues.redhat.com/browse/JBEAP-17905" }, { "category": "external", "summary": "JBEAP-17906", "url": "https://issues.redhat.com/browse/JBEAP-17906" }, { "category": "external", "summary": "JBEAP-17940", "url": "https://issues.redhat.com/browse/JBEAP-17940" }, { "category": "external", "summary": "JBEAP-17945", "url": "https://issues.redhat.com/browse/JBEAP-17945" }, { "category": "external", "summary": "JBEAP-17974", "url": "https://issues.redhat.com/browse/JBEAP-17974" }, { "category": "external", "summary": "JBEAP-17998", "url": "https://issues.redhat.com/browse/JBEAP-17998" }, { "category": "external", "summary": "JBEAP-18169", "url": "https://issues.redhat.com/browse/JBEAP-18169" }, { "category": "external", "summary": "JBEAP-18170", "url": "https://issues.redhat.com/browse/JBEAP-18170" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0159.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update", "tracking": { "current_release_date": "2024-11-22T13:18:05+00:00", "generator": { "date": "2024-11-22T13:18:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0159", "initial_release_date": "2020-01-21T02:57:45+00:00", "revision_history": [ { "date": "2020-01-21T02:57:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-01-21T02:57:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el6eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Dominik Mizyn" ], "organization": "Samsung R\u0026D Institute Poland" } ], "cve": "CVE-2019-10219", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-05-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1738673" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "hibernate-validator: safeHTML validator allows XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10219" }, { "category": "external", "summary": "RHBZ#1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219" } ], "release_date": "2019-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hibernate-validator: safeHTML validator allows XSS" }, { "cve": "CVE-2019-14540", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755849" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14540" }, { "category": "external", "summary": "RHBZ#1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig" }, { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "acknowledgments": [ { "names": [ "Henning Baldersheim", "H\u00e5vard Pettersen" ], "organization": "Verizon Media" } ], "cve": "CVE-2019-14888", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772464" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14888" }, { "category": "external", "summary": "RHBZ#1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888" } ], "release_date": "2020-01-20T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS" }, { "cve": "CVE-2019-14892", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758171" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14892" }, { "category": "external", "summary": "RHBZ#1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" } ], "release_date": "2019-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package" }, { "cve": "CVE-2019-14893", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758182" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the xalan package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14893" }, { "category": "external", "summary": "RHBZ#1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the xalan package" }, { "cve": "CVE-2019-16335", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755831" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16335" }, { "category": "external", "summary": "RHBZ#1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource" }, { "cve": "CVE-2019-16869", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758619" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16869" }, { "category": "external", "summary": "RHBZ#1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869" } ], "release_date": "2019-09-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers" }, { "cve": "CVE-2019-16942", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758187" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16942" }, { "category": "external", "summary": "RHBZ#1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*" }, { "cve": "CVE-2019-16943", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758191" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16943" }, { "category": "external", "summary": "RHBZ#1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource" }, { "cve": "CVE-2019-17267", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758167" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the ehcache package", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17267" }, { "category": "external", "summary": "RHBZ#1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" } ], "release_date": "2019-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the ehcache package" }, { "cve": "CVE-2019-17531", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775293" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17531" }, { "category": "external", "summary": "RHBZ#1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531" } ], "release_date": "2019-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:57:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*" } ] }
rhsa-2020_2781
Vulnerability from csaf_redhat
Published
2020-07-01 10:57
Modified
2024-11-22 13:19
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2781", "url": "https://access.redhat.com/errata/RHSA-2020:2781" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html", "url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html" }, { "category": "external", "summary": "1700855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855" }, { "category": "external", "summary": "1708467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467" }, { "category": "external", "summary": "1710432", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710432" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542" }, { "category": "external", "summary": "1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "1816579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579" }, { "category": "external", "summary": "1816629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629" }, { "category": "external", "summary": "1819214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2781.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update", "tracking": { "current_release_date": "2024-11-22T13:19:00+00:00", "generator": { "date": "2024-11-22T13:19:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2781", "initial_release_date": "2020-07-01T10:57:21+00:00", "revision_history": [ { "date": "2020-07-01T10:57:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-01T10:57:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:19:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el5?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:57:21+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2781" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "cve": "CVE-2020-1938", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806398" } ], "notes": [ { "category": "description", "text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1938" }, { "category": "external", "summary": "RHBZ#1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2020-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:57:21+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2781" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch", "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability" } ] }
rhsa-2020_0164
Vulnerability from csaf_redhat
Published
2020-01-21 02:23
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0164", "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "JBEAP-17491", "url": "https://issues.redhat.com/browse/JBEAP-17491" }, { "category": "external", "summary": "JBEAP-17541", "url": "https://issues.redhat.com/browse/JBEAP-17541" }, { "category": "external", "summary": "JBEAP-17651", "url": "https://issues.redhat.com/browse/JBEAP-17651" }, { "category": "external", "summary": "JBEAP-17652", "url": "https://issues.redhat.com/browse/JBEAP-17652" }, { "category": "external", "summary": "JBEAP-17666", "url": "https://issues.redhat.com/browse/JBEAP-17666" }, { "category": "external", "summary": "JBEAP-17773", "url": "https://issues.redhat.com/browse/JBEAP-17773" }, { "category": "external", "summary": "JBEAP-17779", "url": "https://issues.redhat.com/browse/JBEAP-17779" }, { "category": "external", "summary": "JBEAP-17789", "url": "https://issues.redhat.com/browse/JBEAP-17789" }, { "category": "external", "summary": "JBEAP-17805", "url": "https://issues.redhat.com/browse/JBEAP-17805" }, { "category": "external", "summary": "JBEAP-17837", "url": "https://issues.redhat.com/browse/JBEAP-17837" }, { "category": "external", "summary": "JBEAP-17887", "url": "https://issues.redhat.com/browse/JBEAP-17887" }, { "category": "external", "summary": "JBEAP-17898", "url": "https://issues.redhat.com/browse/JBEAP-17898" }, { "category": "external", "summary": "JBEAP-17905", "url": "https://issues.redhat.com/browse/JBEAP-17905" }, { "category": "external", "summary": "JBEAP-17906", "url": "https://issues.redhat.com/browse/JBEAP-17906" }, { "category": "external", "summary": "JBEAP-17940", "url": "https://issues.redhat.com/browse/JBEAP-17940" }, { "category": "external", "summary": "JBEAP-17945", "url": "https://issues.redhat.com/browse/JBEAP-17945" }, { "category": "external", "summary": "JBEAP-17974", "url": "https://issues.redhat.com/browse/JBEAP-17974" }, { "category": "external", "summary": "JBEAP-17998", "url": "https://issues.redhat.com/browse/JBEAP-17998" }, { "category": "external", "summary": "JBEAP-18169", "url": "https://issues.redhat.com/browse/JBEAP-18169" }, { "category": "external", "summary": "JBEAP-18170", "url": "https://issues.redhat.com/browse/JBEAP-18170" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0164.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 security update", "tracking": { "current_release_date": "2024-11-22T13:18:13+00:00", "generator": { "date": "2024-11-22T13:18:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0164", "initial_release_date": "2020-01-21T02:23:36+00:00", "revision_history": [ { "date": "2020-01-21T02:23:36+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-01-21T02:23:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2", "product": { "name": "Red Hat JBoss EAP 7.2", "product_id": "Red Hat JBoss EAP 7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Dominik Mizyn" ], "organization": "Samsung R\u0026D Institute Poland" } ], "cve": "CVE-2019-10219", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-05-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1738673" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "hibernate-validator: safeHTML validator allows XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10219" }, { "category": "external", "summary": "RHBZ#1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219" } ], "release_date": "2019-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hibernate-validator: safeHTML validator allows XSS" }, { "cve": "CVE-2019-14540", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755849" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14540" }, { "category": "external", "summary": "RHBZ#1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig" }, { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "acknowledgments": [ { "names": [ "Henning Baldersheim", "H\u00e5vard Pettersen" ], "organization": "Verizon Media" } ], "cve": "CVE-2019-14888", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772464" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14888" }, { "category": "external", "summary": "RHBZ#1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888" } ], "release_date": "2020-01-20T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS" }, { "cve": "CVE-2019-14892", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758171" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14892" }, { "category": "external", "summary": "RHBZ#1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" } ], "release_date": "2019-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package" }, { "cve": "CVE-2019-14893", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758182" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the xalan package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14893" }, { "category": "external", "summary": "RHBZ#1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the xalan package" }, { "cve": "CVE-2019-16335", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755831" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16335" }, { "category": "external", "summary": "RHBZ#1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource" }, { "cve": "CVE-2019-16869", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758619" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16869" }, { "category": "external", "summary": "RHBZ#1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869" } ], "release_date": "2019-09-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers" }, { "cve": "CVE-2019-16942", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758187" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16942" }, { "category": "external", "summary": "RHBZ#1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*" }, { "cve": "CVE-2019-16943", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758191" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16943" }, { "category": "external", "summary": "RHBZ#1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource" }, { "cve": "CVE-2019-17267", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758167" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the ehcache package", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17267" }, { "category": "external", "summary": "RHBZ#1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" } ], "release_date": "2019-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the ehcache package" }, { "cve": "CVE-2019-17531", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775293" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17531" }, { "category": "external", "summary": "RHBZ#1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531" } ], "release_date": "2019-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T02:23:36+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*" } ] }
rhsa-2020_2780
Vulnerability from csaf_redhat
Published
2020-07-01 10:55
Modified
2024-11-22 13:19
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in the
References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat
Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss
server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the\nReferences section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat\nEnterprise Linux 5 are advised to upgrade to these updated packages. The JBoss\nserver process must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2780", "url": "https://access.redhat.com/errata/RHSA-2020:2780" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html", "url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html" }, { "category": "external", "summary": "1700855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855" }, { "category": "external", "summary": "1708467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467" }, { "category": "external", "summary": "1710434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710434" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542" }, { "category": "external", "summary": "1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "1816579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579" }, { "category": "external", "summary": "1816629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629" }, { "category": "external", "summary": "1819214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2780.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update", "tracking": { "current_release_date": "2024-11-22T13:19:18+00:00", "generator": { "date": "2024-11-22T13:19:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2780", "initial_release_date": "2020-07-01T10:55:01+00:00", "revision_history": [ { "date": "2020-07-01T10:55:01+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-01T10:55:01+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:19:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:55:01+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2780" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "cve": "CVE-2020-1938", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806398" } ], "notes": [ { "category": "description", "text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1938" }, { "category": "external", "summary": "RHBZ#1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2020-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:55:01+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2780" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability" } ] }
rhsa-2020_0160
Vulnerability from csaf_redhat
Published
2020-01-21 03:47
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0160", "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "JBEAP-17491", "url": "https://issues.redhat.com/browse/JBEAP-17491" }, { "category": "external", "summary": "JBEAP-17541", "url": "https://issues.redhat.com/browse/JBEAP-17541" }, { "category": "external", "summary": "JBEAP-17651", "url": "https://issues.redhat.com/browse/JBEAP-17651" }, { "category": "external", "summary": "JBEAP-17652", "url": "https://issues.redhat.com/browse/JBEAP-17652" }, { "category": "external", "summary": "JBEAP-17666", "url": "https://issues.redhat.com/browse/JBEAP-17666" }, { "category": "external", "summary": "JBEAP-17773", "url": "https://issues.redhat.com/browse/JBEAP-17773" }, { "category": "external", "summary": "JBEAP-17779", "url": "https://issues.redhat.com/browse/JBEAP-17779" }, { "category": "external", "summary": "JBEAP-17789", "url": "https://issues.redhat.com/browse/JBEAP-17789" }, { "category": "external", "summary": "JBEAP-17805", "url": "https://issues.redhat.com/browse/JBEAP-17805" }, { "category": "external", "summary": "JBEAP-17835", "url": "https://issues.redhat.com/browse/JBEAP-17835" }, { "category": "external", "summary": "JBEAP-17837", "url": "https://issues.redhat.com/browse/JBEAP-17837" }, { "category": "external", "summary": "JBEAP-17887", "url": "https://issues.redhat.com/browse/JBEAP-17887" }, { "category": "external", "summary": "JBEAP-17898", "url": "https://issues.redhat.com/browse/JBEAP-17898" }, { "category": "external", "summary": "JBEAP-17905", "url": "https://issues.redhat.com/browse/JBEAP-17905" }, { "category": "external", "summary": "JBEAP-17906", "url": "https://issues.redhat.com/browse/JBEAP-17906" }, { "category": "external", "summary": "JBEAP-17940", "url": "https://issues.redhat.com/browse/JBEAP-17940" }, { "category": "external", "summary": "JBEAP-17945", "url": "https://issues.redhat.com/browse/JBEAP-17945" }, { "category": "external", "summary": "JBEAP-17974", "url": "https://issues.redhat.com/browse/JBEAP-17974" }, { "category": "external", "summary": "JBEAP-17998", "url": "https://issues.redhat.com/browse/JBEAP-17998" }, { "category": "external", "summary": "JBEAP-18169", "url": "https://issues.redhat.com/browse/JBEAP-18169" }, { "category": "external", "summary": "JBEAP-18170", "url": "https://issues.redhat.com/browse/JBEAP-18170" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0160.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 security update", "tracking": { "current_release_date": "2024-11-22T13:18:20+00:00", "generator": { "date": "2024-11-22T13:18:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0160", "initial_release_date": "2020-01-21T03:47:51+00:00", "revision_history": [ { "date": "2020-01-21T03:47:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-01-21T03:47:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el7eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Dominik Mizyn" ], "organization": "Samsung R\u0026D Institute Poland" } ], "cve": "CVE-2019-10219", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-05-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1738673" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "hibernate-validator: safeHTML validator allows XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10219" }, { "category": "external", "summary": "RHBZ#1738673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219" } ], "release_date": "2019-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hibernate-validator: safeHTML validator allows XSS" }, { "cve": "CVE-2019-14540", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755849" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14540" }, { "category": "external", "summary": "RHBZ#1755849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig" }, { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "acknowledgments": [ { "names": [ "Henning Baldersheim", "H\u00e5vard Pettersen" ], "organization": "Verizon Media" } ], "cve": "CVE-2019-14888", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772464" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14888" }, { "category": "external", "summary": "RHBZ#1772464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888" } ], "release_date": "2020-01-20T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS" }, { "cve": "CVE-2019-14892", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758171" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14892" }, { "category": "external", "summary": "RHBZ#1758171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" } ], "release_date": "2019-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package" }, { "cve": "CVE-2019-14893", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758182" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the xalan package", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14893" }, { "category": "external", "summary": "RHBZ#1758182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the xalan package" }, { "cve": "CVE-2019-16335", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1755831" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16335" }, { "category": "external", "summary": "RHBZ#1755831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335" } ], "release_date": "2019-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource" }, { "cve": "CVE-2019-16869", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758619" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16869" }, { "category": "external", "summary": "RHBZ#1758619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869" } ], "release_date": "2019-09-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers" }, { "cve": "CVE-2019-16942", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758187" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16942" }, { "category": "external", "summary": "RHBZ#1758187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*" }, { "cve": "CVE-2019-16943", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758191" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16943" }, { "category": "external", "summary": "RHBZ#1758191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943" } ], "release_date": "2019-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource" }, { "cve": "CVE-2019-17267", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758167" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in classes of the ehcache package", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17267" }, { "category": "external", "summary": "RHBZ#1758167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" } ], "release_date": "2019-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in classes of the ehcache package" }, { "cve": "CVE-2019-17531", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775293" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*", "title": "Vulnerability summary" }, { "category": "other", "text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17531" }, { "category": "external", "summary": "RHBZ#1775293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531" } ], "release_date": "2019-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-21T03:47:51+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*" } ] }
rhsa-2020_2783
Vulnerability from csaf_redhat
Published
2020-07-01 11:21
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2783", "url": "https://access.redhat.com/errata/RHSA-2020:2783" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html", "url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "1700855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855" }, { "category": "external", "summary": "1708467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542" }, { "category": "external", "summary": "1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "1816579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579" }, { "category": "external", "summary": "1816629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629" }, { "category": "external", "summary": "1819214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2783.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update", "tracking": { "current_release_date": "2024-11-22T13:18:11+00:00", "generator": { "date": "2024-11-22T13:18:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2783", "initial_release_date": "2020-07-01T11:21:09+00:00", "revision_history": [ { "date": "2020-07-01T11:21:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-01T11:21:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product_id": "Red Hat JBoss Enterprise Application Platform 6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T11:21:09+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2783" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "cve": "CVE-2020-1938", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806398" } ], "notes": [ { "category": "description", "text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1938" }, { "category": "external", "summary": "RHBZ#1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2020-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T11:21:09+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2783" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability" } ] }
rhsa-2020_0951
Vulnerability from csaf_redhat
Published
2020-03-23 20:13
Modified
2024-12-08 11:15
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)
* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)
* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)
* netty: HTTP request smuggling (CVE-2019-20444)
* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0951", "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "category": "external", "summary": "1764607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764607" }, { "category": "external", "summary": "1764612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764612" }, { "category": "external", "summary": "1764658", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764658" }, { "category": "external", "summary": "1767483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772008" }, { "category": "external", "summary": "1793154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793154" }, { "category": "external", "summary": "1796225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796225" }, { "category": "external", "summary": "1798509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798509" }, { "category": "external", "summary": "1798524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798524" }, { "category": "external", "summary": "1805792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805792" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0951.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update", "tracking": { "current_release_date": "2024-12-08T11:15:51+00:00", "generator": { "date": "2024-12-08T11:15:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2020:0951", "initial_release_date": "2020-03-23T20:13:32+00:00", "revision_history": [ { "date": "2020-03-23T20:13:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-03-23T20:13:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-08T11:15:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.3", "product": { "name": "Red Hat Single Sign-On 7.3", "product_id": "Red Hat Single Sign-On 7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-0205", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1764612" } ], "notes": [ { "category": "description", "text": "In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.", "title": "Vulnerability description" }, { "category": "summary", "text": "thrift: Endless loop when feed with specific input data", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight does not expose libthrift in a vulnerable way, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe thrift package in OpenShift Container Platform is installed only in Curator images in the Logging stack. The affected code is included in this package, it\u0027s functionality is not used. This vulnerability is therefore rated Low for OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0205" }, { "category": "external", "summary": "RHBZ#1764612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0205", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0205" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0205" } ], "release_date": "2019-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "thrift: Endless loop when feed with specific input data" }, { "cve": "CVE-2019-0210", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1764607" } ], "notes": [ { "category": "description", "text": "In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.", "title": "Vulnerability description" }, { "category": "summary", "text": "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight is not affected as this is a Golang specific problem, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe version of thrift delivered in OpenShift Container Platform is not affected by this vulnerability as it does not contain the affected code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0210" }, { "category": "external", "summary": "RHBZ#1764607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764607" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0210", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0210" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0210" } ], "release_date": "2019-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol" }, { "cve": "CVE-2019-10086", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-10-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1767483" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10086" }, { "category": "external", "summary": "RHBZ#1767483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086" }, { "category": "external", "summary": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", "url": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt" } ], "release_date": "2019-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "There is no currently known mitigation for this flaw.", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default" }, { "cve": "CVE-2019-12400", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1764658" } ], "notes": [ { "category": "description", "text": "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12400" }, { "category": "external", "summary": "RHBZ#1764658", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764658" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12400", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12400" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12400" } ], "release_date": "2019-08-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source" }, { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "cve": "CVE-2019-14887", "cwe": { "id": "CWE-757", "name": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)" }, "discovery_date": "2019-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772008" } ], "notes": [ { "category": "description", "text": "A flaw was found when an OpenSSL security provider is used with Wildfly, the \u0027enabled-protocols\u0027 value in the Wildfly configuration isn\u0027t honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14887" }, { "category": "external", "summary": "RHBZ#1772008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772008" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14887", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14887" } ], "release_date": "2020-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "Avoid using an OpenSSL security provider and instead use the default configuration or regular JSSE provider with \u0027TLS\u0027.", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use" }, { "cve": "CVE-2019-20330", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1793154" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: lacks certain net.sf.ehcache blocking", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20330" }, { "category": "external", "summary": "RHBZ#1793154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793154" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20330", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330" } ], "release_date": "2020-01-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: lacks certain net.sf.ehcache blocking" }, { "cve": "CVE-2019-20444", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1798524" } ], "notes": [ { "category": "description", "text": "A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF (carriage return, line feed) without being followed by SP (space) or HTAB (horizontal tab), result in situations where headers can be misread. Data integrity is the highest threat with this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not pose a substantial practical threat to ElasticSearch 6. We agree that these issues would be difficult to exploit on OpenShift Container Platform so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20444" }, { "category": "external", "summary": "RHBZ#1798524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798524" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20444", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20444" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20444" }, { "category": "external", "summary": "https://github.com/elastic/elasticsearch/issues/49396", "url": "https://github.com/elastic/elasticsearch/issues/49396" } ], "release_date": "2020-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP request smuggling" }, { "cve": "CVE-2019-20445", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1798509" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a server, it could result in a viable HTTP smuggling vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20445" }, { "category": "external", "summary": "RHBZ#1798509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798509" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20445", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20445" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20445" } ], "release_date": "2020-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header" }, { "cve": "CVE-2020-1744", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "discovery_date": "2020-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1805792" } ], "notes": [ { "category": "description", "text": "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1744" }, { "category": "external", "summary": "RHBZ#1805792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805792" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1744", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1744" } ], "release_date": "2020-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP" }, { "cve": "CVE-2020-7238", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1796225" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7238" }, { "category": "external", "summary": "RHBZ#1796225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796225" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7238", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7238" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7238" }, { "category": "external", "summary": "https://netty.io/news/2019/12/18/4-1-44-Final.html", "url": "https://netty.io/news/2019/12/18/4-1-44-Final.html" } ], "release_date": "2020-01-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-23T20:13:32+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0951" }, { "category": "workaround", "details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", "product_ids": [ "Red Hat Single Sign-On 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling" } ] }
rhsa-2020_2779
Vulnerability from csaf_redhat
Published
2020-07-01 10:57
Modified
2024-11-22 13:19
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2779", "url": "https://access.redhat.com/errata/RHSA-2020:2779" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html", "url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html" }, { "category": "external", "summary": "1700855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855" }, { "category": "external", "summary": "1708467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467" }, { "category": "external", "summary": "1710433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710433" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "1772542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542" }, { "category": "external", "summary": "1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "1816579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579" }, { "category": "external", "summary": "1816629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629" }, { "category": "external", "summary": "1819214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2779.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update", "tracking": { "current_release_date": "2024-11-22T13:19:09+00:00", "generator": { "date": "2024-11-22T13:19:09+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2779", "initial_release_date": "2020-07-01T10:57:42+00:00", "revision_history": [ { "date": "2020-07-01T10:57:42+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-01T10:57:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:19:09+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "product": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src", "product": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src", "product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "product": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "product": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src" }, "product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src" }, "product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src" }, "product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" }, "product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:57:42+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" }, { "cve": "CVE-2020-1938", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806398" } ], "notes": [ { "category": "description", "text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1938" }, { "category": "external", "summary": "RHBZ#1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2020-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-01T10:57:42+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.", "product_ids": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2779" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability" } ] }
rhsa-2020_2169
Vulnerability from csaf_redhat
Published
2020-05-14 12:14
Modified
2024-11-22 13:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.
Security Fix(es):
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.\n\nSecurity Fix(es):\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2169", "url": "https://access.redhat.com/errata/RHSA-2020:2169" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/" }, { "category": "external", "summary": "1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2169.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update", "tracking": { "current_release_date": "2024-11-22T13:18:45+00:00", "generator": { "date": "2024-11-22T13:18:45+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2169", "initial_release_date": "2020-05-14T12:14:42+00:00", "revision_history": [ { "date": "2020-05-14T12:14:42+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-05-14T12:14:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T13:18:45+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" }, "product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" }, "product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14885", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1770615" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14885" }, { "category": "external", "summary": "RHBZ#1770615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" } ], "release_date": "2020-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-14T12:14:42+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. The JBoss server process must be restarted for the update to take effect.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2169" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command" } ] }
gsd-2019-14885
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2019-14885", "description": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "id": "GSD-2019-14885", "references": [ "https://access.redhat.com/errata/RHSA-2020:2783", "https://access.redhat.com/errata/RHSA-2020:2781", "https://access.redhat.com/errata/RHSA-2020:2780", "https://access.redhat.com/errata/RHSA-2020:2779", "https://access.redhat.com/errata/RHSA-2020:2169", "https://access.redhat.com/errata/RHSA-2020:2168", "https://access.redhat.com/errata/RHSA-2020:0951", "https://access.redhat.com/errata/RHSA-2020:0164", "https://access.redhat.com/errata/RHSA-2020:0161", "https://access.redhat.com/errata/RHSA-2020:0160", "https://access.redhat.com/errata/RHSA-2020:0159" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-14885" ], "details": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "id": "GSD-2019-14885", "modified": "2023-12-13T01:23:52.750877Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-14885", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "JBoss EAP", "version": { "version_data": [ { "version_value": "All versions before 7.2.6.GA" } ] } } ] }, "vendor_name": "Red Hat" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information." } ] }, "impact": { "cvss": [ [ { "vectorString": "5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-532" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.6:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.2.6", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-14885" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-532" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4 } }, "lastModifiedDate": "2022-11-08T02:17Z", "publishedDate": "2020-01-23T22:15Z" } } }
ghsa-cxpp-v3rm-fq33
Vulnerability from github
Published
2022-05-24 17:07
Modified
2022-10-07 18:15
Severity ?
Details
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
{ "affected": [], "aliases": [ "CVE-2019-14885" ], "database_specific": { "cwe_ids": [ "CWE-532" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-01-23T22:15:00Z", "severity": "MODERATE" }, "details": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.", "id": "GHSA-cxpp-v3rm-fq33", "modified": "2022-10-07T18:15:56Z", "published": "2022-05-24T17:07:10Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.