Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-8908 (GCVE-0-2020-8908)
Vulnerability from cvelistv5 – Published: 2020-12-10 22:10 – Updated: 2024-08-04 10:12
VLAI
EPSS
Title
Temp directory permission issue in Guava
Summary
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
Severity
CWE
- CWE-378 - Creation of Temporary File With Insecure Permissions
Assigner
References
43 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Google LLC | Guava |
Affected:
1.0 , < 32.0
(custom)
|
Credits
Jonathan Leitschuh
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:12:10.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Guava",
"vendor": "Google LLC",
"versions": [
{
"lessThan": "32.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jonathan Leitschuh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\u003c/p\u003e"
}
],
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-378",
"description": "CWE-378: Creation of Temporary File With Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T09:48:41.702Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Temp directory permission issue in Guava",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908",
"STATE": "PUBLIC",
"TITLE": "Temp directory permission issue in Guava"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Guava",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_name": "stable",
"version_value": "9.09.15"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Leitschuh"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-378: Creation of Temporary File With Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "CONFIRM",
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "CONFIRM",
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2020-8908",
"datePublished": "2020-12-10T22:10:58.000Z",
"dateReserved": "2020-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:12:10.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-8908",
"date": "2026-06-24",
"epss": "0.00964",
"percentile": "0.57078"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"32.0.0\", \"matchCriteriaId\": \"F0FA9B26-6D87-4FE1-B719-EC4770B5418D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.11.4\", \"matchCriteriaId\": \"89306BA8-9E5C-49F6-AB32-B78BE1D831F0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A3622F5-5976-4BBC-A147-FC8A6431EA79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADE6EF8F-1F05-429B-A916-76FDB20CEB81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A28F42F0-FBDA-4574-AD30-7A04F27FEA3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"129CA55C-C770-4D42-BD17-9011F3AC93C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9901F6BA-78D5-45B8-9409-07FF1C6DDD38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FADE563-5AAA-42FF-B43F-35B20A2386C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"20.3\", \"matchCriteriaId\": \"D04565AE-D092-4AE0-8FEE-0E8114662A1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E1E416B-920B-49A0-9523-382898C2979D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8AF00C6-B97F-414D-A8DF-057E6BFD8597\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0\", \"versionEndIncluding\": \"19.0\", \"matchCriteriaId\": \"B92BB355-DB00-438E-84E5-8EC007009576\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E463039-5E48-4AA0-A42B-081053FA0111\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.7\", \"versionEndIncluding\": \"17.12\", \"matchCriteriaId\": \"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202AD518-2E9B-4062-B063-9858AE1F9CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10864586-270E-4ACF-BDCC-ECFCD299305F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38340E3C-C452-4370-86D4-355B6B4E0A06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\", \"matchCriteriaId\": \"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\", \"matchCriteriaId\": \"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"B55E8D50-99B4-47EC-86F9-699B67D473CE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad en la creaci\\u00f3n de directorios temporales en todas las versiones de Guava, que permite a un atacante con acceso a la m\\u00e1quina acceder potencialmente a los datos de un directorio temporal creado por la API de Guava com.google.common.io.Files.createTempDir(). Por defecto, en los sistemas de tipo unix, el directorio creado es legible por el mundo (legible por un atacante con acceso al sistema). El m\\u00e9todo en cuesti\\u00f3n ha sido marcado como @Deprecated en las versiones 30.0 y posteriores y no debe ser utilizado. Para los desarrolladores de Android, recomendamos elegir una API de directorio temporal proporcionada por Android, como context.getCacheDir(). Para otros desarrolladores de Java, recomendamos migrar a la API de Java 7 java.nio.file.Files.createTempDirectory() que configura expl\\u00edcitamente los permisos de 700, o configurar la propiedad del sistema java.io.tmpdir del tiempo de ejecuci\\u00f3n de Java para que apunte a una ubicaci\\u00f3n cuyos permisos est\\u00e9n configurados adecuadamente\"}]",
"id": "CVE-2020-8908",
"lastModified": "2024-11-21T05:39:40.053",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.3, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.3, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-12-10T23:15:13.973",
"references": "[{\"url\": \"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/google/guava/issues/4011\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220210-0003/\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/google/guava/issues/4011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220210-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve-coordination@google.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-378\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-732\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-8908\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2020-12-10T23:15:13.973\",\"lastModified\":\"2026-02-23T21:17:30.437\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad en la creaci\u00f3n de directorios temporales en todas las versiones de Guava, que permite a un atacante con acceso a la m\u00e1quina acceder potencialmente a los datos de un directorio temporal creado por la API de Guava com.google.common.io.Files.createTempDir(). Por defecto, en los sistemas de tipo unix, el directorio creado es legible por el mundo (legible por un atacante con acceso al sistema). El m\u00e9todo en cuesti\u00f3n ha sido marcado como @Deprecated en las versiones 30.0 y posteriores y no debe ser utilizado. Para los desarrolladores de Android, recomendamos elegir una API de directorio temporal proporcionada por Android, como context.getCacheDir(). Para otros desarrolladores de Java, recomendamos migrar a la API de Java 7 java.nio.file.Files.createTempDirectory() que configura expl\u00edcitamente los permisos de 700, o configurar la propiedad del sistema java.io.tmpdir del tiempo de ejecuci\u00f3n de Java para que apunte a una ubicaci\u00f3n cuyos permisos est\u00e9n configurados adecuadamente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-378\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"32.0.0\",\"matchCriteriaId\":\"F0FA9B26-6D87-4FE1-B719-EC4770B5418D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11.4\",\"matchCriteriaId\":\"89306BA8-9E5C-49F6-AB32-B78BE1D831F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A3622F5-5976-4BBC-A147-FC8A6431EA79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADE6EF8F-1F05-429B-A916-76FDB20CEB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A28F42F0-FBDA-4574-AD30-7A04F27FEA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129CA55C-C770-4D42-BD17-9011F3AC93C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9901F6BA-78D5-45B8-9409-07FF1C6DDD38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FADE563-5AAA-42FF-B43F-35B20A2386C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.3\",\"matchCriteriaId\":\"D04565AE-D092-4AE0-8FEE-0E8114662A1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8AF00C6-B97F-414D-A8DF-057E6BFD8597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0\",\"versionEndIncluding\":\"19.0\",\"matchCriteriaId\":\"B92BB355-DB00-438E-84E5-8EC007009576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E463039-5E48-4AA0-A42B-081053FA0111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"}]}]}],\"references\":[{\"url\":\"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/issues/4011\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0003/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/issues/4011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
GSD-2020-8908
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-8908",
"description": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.",
"id": "GSD-2020-8908",
"references": [
"https://www.suse.com/security/cve/CVE-2020-8908.html",
"https://access.redhat.com/errata/RHSA-2021:4702",
"https://access.redhat.com/errata/RHSA-2021:2210",
"https://access.redhat.com/errata/RHSA-2021:0974",
"https://access.redhat.com/errata/RHSA-2021:0885",
"https://access.redhat.com/errata/RHSA-2021:0874",
"https://access.redhat.com/errata/RHSA-2021:0873",
"https://access.redhat.com/errata/RHSA-2021:0872",
"https://access.redhat.com/errata/RHSA-2021:0417",
"https://advisories.mageia.org/CVE-2020-8908.html",
"https://access.redhat.com/errata/RHSA-2022:1013",
"https://access.redhat.com/errata/RHSA-2022:1029"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-8908"
],
"details": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n",
"id": "GSD-2020-8908",
"modified": "2023-12-13T01:21:54.399748Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Guava",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.0",
"version_value": "32.0"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Jonathan Leitschuh"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-378",
"lang": "eng",
"value": "CWE-378: Creation of Temporary File With Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "MISC",
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "MISC",
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,30.0)",
"affected_versions": "All versions before 30.0",
"cvss_v2": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-732",
"CWE-937"
],
"date": "2021-12-10",
"description": "A temp directory creation vulnerability exist in Guava allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`.` The permissions granted to the directory created default to the standard unix-like `/tmp` ones, leaving the files open.",
"fixed_versions": [
"30.0"
],
"identifier": "CVE-2020-8908",
"identifiers": [
"CVE-2020-8908"
],
"not_impacted": "All versions starting from 30.0",
"package_slug": "maven/com.google.guava/guava",
"pubdate": "2020-12-10",
"solution": "Upgrade to version 30.0 or above.",
"title": "Incorrect Permission Assignment for Critical Resource",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
],
"uuid": "a9478501-d29b-4011-a1d1-ccee593a74e9"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "32.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.11.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2023-08-02T17:30Z",
"publishedDate": "2020-12-10T23:15Z"
}
}
}
MSRC_CVE-2020-8908
Vulnerability from csaf_microsoft - Published: 2020-12-02 00:00 - Updated: 2023-04-07 00:00Summary
Temp directory permission issue in Guava
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
CWE-732
- Incorrect Permission Assignment for Critical Resource
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 19191-17086 | — | ||
| Unresolved product id: 19192-17086 | — |
Known affected
2 products
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2020-8908 Temp directory permission issue in Guava - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8908.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Temp directory permission issue in Guava",
"tracking": {
"current_release_date": "2023-04-07T00:00:00.000Z",
"generator": {
"date": "2025-10-19T18:13:45.021Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2020-8908",
"initial_release_date": "2020-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2023-04-07T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 guava 25.0-7",
"product": {
"name": "\u003ccbl2 guava 25.0-7",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 guava 25.0-7",
"product": {
"name": "cbl2 guava 25.0-7",
"product_id": "19191"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 guava 25.0-5",
"product": {
"name": "\u003ccbl2 guava 25.0-5",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 guava 25.0-5",
"product": {
"name": "cbl2 guava 25.0-5",
"product_id": "19192"
}
}
],
"category": "product_name",
"name": "guava"
},
{
"category": "product_name",
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product": {
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 guava 25.0-7 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 guava 25.0-7 as a component of CBL Mariner 2.0",
"product_id": "19191-17086"
},
"product_reference": "19191",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 guava 25.0-5 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 guava 25.0-5 as a component of CBL Mariner 2.0",
"product_id": "19192-17086"
},
"product_reference": "19192",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 javapackages-bootstrap 1.14.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "Google",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19191-17086",
"19192-17086"
],
"known_affected": [
"17086-3",
"17086-2"
],
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-8908 Temp directory permission issue in Guava - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8908.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-07T00:00:00.000Z",
"details": "25.0-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2023-04-07T00:00:00.000Z",
"details": "25.0-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"17086-3",
"17086-2"
]
}
],
"title": "Temp directory permission issue in Guava"
}
]
}
OPENSUSE-SU-2024:10835-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
guava-30.1.1-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: guava-30.1.1-1.2 on GA media
Description of the patch: These are all security issues fixed in the guava-30.1.1-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10835
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "guava-30.1.1-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the guava-30.1.1-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10835",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10835-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8908 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8908/"
}
],
"title": "guava-30.1.1-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10835-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.aarch64",
"product": {
"name": "guava-30.1.1-1.2.aarch64",
"product_id": "guava-30.1.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.aarch64",
"product": {
"name": "guava-javadoc-30.1.1-1.2.aarch64",
"product_id": "guava-javadoc-30.1.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.aarch64",
"product": {
"name": "guava-testlib-30.1.1-1.2.aarch64",
"product_id": "guava-testlib-30.1.1-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-30.1.1-1.2.ppc64le",
"product_id": "guava-30.1.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-javadoc-30.1.1-1.2.ppc64le",
"product_id": "guava-javadoc-30.1.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-testlib-30.1.1-1.2.ppc64le",
"product_id": "guava-testlib-30.1.1-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.s390x",
"product": {
"name": "guava-30.1.1-1.2.s390x",
"product_id": "guava-30.1.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.s390x",
"product": {
"name": "guava-javadoc-30.1.1-1.2.s390x",
"product_id": "guava-javadoc-30.1.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.s390x",
"product": {
"name": "guava-testlib-30.1.1-1.2.s390x",
"product_id": "guava-testlib-30.1.1-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.x86_64",
"product": {
"name": "guava-30.1.1-1.2.x86_64",
"product_id": "guava-30.1.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.x86_64",
"product": {
"name": "guava-javadoc-30.1.1-1.2.x86_64",
"product_id": "guava-javadoc-30.1.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.x86_64",
"product": {
"name": "guava-testlib-30.1.1-1.2.x86_64",
"product_id": "guava-testlib-30.1.1-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64"
},
"product_reference": "guava-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.s390x"
},
"product_reference": "guava-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64"
},
"product_reference": "guava-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64"
},
"product_reference": "guava-javadoc-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-javadoc-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x"
},
"product_reference": "guava-javadoc-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64"
},
"product_reference": "guava-javadoc-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64"
},
"product_reference": "guava-testlib-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-testlib-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x"
},
"product_reference": "guava-testlib-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
},
"product_reference": "guava-testlib-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8908"
}
],
"notes": [
{
"category": "general",
"text": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8908",
"url": "https://www.suse.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "SUSE Bug 1179926 for CVE-2020-8908",
"url": "https://bugzilla.suse.com/1179926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2020-8908"
}
]
}
RHSA-2021:0417
Vulnerability from csaf_redhat - Published: 2021-02-04 13:36 - Updated: 2026-06-15 18:47Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.8.1 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red Hat AMQ Broker 7.8.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge() function by overriding or adding properties of the Object.prototype, allowing possible injection of code.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "\<option\>" elements in "\<select\>" ones changes parsing behavior, leading to possibly unsanitizing code.
5.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in AMQ 7 broker, where it allows users using the OpenWire protocol to bypass the usual permissions checks. This flaw allows an unprivileged user to create queues without verifying the role. The highest threat from this vulnerability is to integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
30 references
Acknowledgments
Red Hat
Francesco Marchioni
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.8.1 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red Hat AMQ Broker 7.8.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0417",
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.8.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.8.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.8/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.8/"
},
{
"category": "external",
"summary": "1902826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0417.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update",
"tracking": {
"current_release_date": "2026-06-15T18:47:05+00:00",
"generator": {
"date": "2026-06-15T18:47:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2021:0417",
"initial_release_date": "2021-02-04T13:36:09+00:00",
"revision_history": [
{
"date": "2021-02-04T13:36:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-04T13:36:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-15T18:47:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ 7.8.1",
"product": {
"name": "Red Hat AMQ 7.8.1",
"product_id": "Red Hat AMQ 7.8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10768",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1813309"
}
],
"notes": [
{
"category": "description",
"text": "A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge() function by overriding or adding properties of the Object.prototype, allowing possible injection of code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "AngularJS: Prototype pollution in merge function could result in code injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst servicemesh-grafana, and grafana-container both include a vulnerable version of angular.js (v1.6.6) the impact is lowered due to Grafana not directly implementing the angular.merge function.\n\nQuay does not contain the affected vulnerable code pattern.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10768"
},
{
"category": "external",
"summary": "RHBZ#1813309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813309"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10768",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10768"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10768",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10768"
},
{
"category": "external",
"summary": "https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3",
"url": "https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3"
}
],
"release_date": "2019-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "AngularJS: Prototype pollution in merge function could result in code injection"
},
{
"cve": "CVE-2020-7676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1849206"
}
],
"notes": [
{
"category": "description",
"text": "A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping \"\\\u003coption\\\u003e\" elements in \"\\\u003cselect\\\u003e\" ones changes parsing behavior, leading to possibly unsanitizing code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-angular: XSS due to regex-based HTML replacement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Quay does not contain the affected component usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7676"
},
{
"category": "external",
"summary": "RHBZ#1849206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7676",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058",
"url": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058"
}
],
"release_date": "2020-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-angular: XSS due to regex-based HTML replacement"
},
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"cve": "CVE-2020-27218",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2020-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902826"
}
],
"notes": [
{
"category": "description",
"text": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: buffer not correctly recycled in Gzip Request inflation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27218"
},
{
"category": "external",
"summary": "RHBZ#1902826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8"
}
],
"release_date": "2020-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: buffer not correctly recycled in Gzip Request inflation"
},
{
"acknowledgments": [
{
"names": [
"Francesco Marchioni"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-26118",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1892384"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in AMQ 7 broker, where it allows users using the OpenWire protocol to bypass the usual permissions checks. This flaw allows an unprivileged user to create queues without verifying the role. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "7: OpenWire can create destinations with an unpriviledged user",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26118"
},
{
"category": "external",
"summary": "RHBZ#1892384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892384"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26118"
}
],
"release_date": "2020-10-28T12:25:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
},
{
"category": "workaround",
"details": "If you are not using the openwire protocol, it can be disabled by removing it from the list of accepted protocols in the `broker.xml`\n```xml\n\u003cacceptor name=\"artemis\"\u003etcp://0.0.0.0:61616?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;amqpMinLargeMessageSize=102400;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT;useEpoll=true;amqpCredits=1000;amqpLowCredits=300;amqpDuplicateDetection=true\u003c/acceptor\u003e\n```",
"product_ids": [
"Red Hat AMQ 7.8.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "7: OpenWire can create destinations with an unpriviledged user"
}
]
}
RHSA-2021:0872
Vulnerability from csaf_redhat - Published: 2021-03-16 13:41 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0872",
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20715",
"url": "https://issues.redhat.com/browse/JBEAP-20715"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0872.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:43+00:00",
"generator": {
"date": "2026-05-14T22:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0872",
"initial_release_date": "2021-03-16T13:41:30+00:00",
"revision_history": [
{
"date": "2021-03-16T13:41:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:41:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@30.1.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:0873
Vulnerability from csaf_redhat - Published: 2021-03-16 13:37 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0873",
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20716",
"url": "https://issues.redhat.com/browse/JBEAP-20716"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0873.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:44+00:00",
"generator": {
"date": "2026-05-14T22:30:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0873",
"initial_release_date": "2021-03-16T13:37:13+00:00",
"revision_history": [
{
"date": "2021-03-16T13:37:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:37:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@30.1.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:0874
Vulnerability from csaf_redhat - Published: 2021-03-16 13:38 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0874",
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20717",
"url": "https://issues.redhat.com/browse/JBEAP-20717"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0874.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:43+00:00",
"generator": {
"date": "2026-05-14T22:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0874",
"initial_release_date": "2021-03-16T13:38:36+00:00",
"revision_history": [
{
"date": "2021-03-16T13:38:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:38:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.25-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.25-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.25-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.25-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.25-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-9.redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-5.Final_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@30.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.6-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.6-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:38:36+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0874"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:0885
Vulnerability from csaf_redhat - Published: 2021-03-16 13:19 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0885",
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0885.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:43+00:00",
"generator": {
"date": "2026-05-14T22:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0885",
"initial_release_date": "2021-03-16T13:19:20+00:00",
"revision_history": [
{
"date": "2021-03-16T13:19:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:19:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:19:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0885"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:0974
Vulnerability from csaf_redhat - Published: 2021-03-23 14:17 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.4.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "\<option\>" elements in "\<select\>" ones changes parsing behavior, leading to possibly unsanitizing code.
5.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in Keycloak, where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. This flaw allows a malicious user to perform replay attacks.
CWE-294 - Authentication Bypass by Capture-replayAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.4.6
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
41 references
Acknowledgments
Chair for Network and Data Security at Ruhr University Bochum
Lauritz Holtmann
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)\n\n* keycloak: reusable \"state\" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0974",
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/"
},
{
"category": "external",
"summary": "1849206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206"
},
{
"category": "external",
"summary": "1849584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849584"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0974.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.4.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:50+00:00",
"generator": {
"date": "2026-05-14T22:30:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0974",
"initial_release_date": "2021-03-23T14:17:45+00:00",
"revision_history": [
{
"date": "2021-03-23T14:17:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-23T14:17:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.4.6",
"product": {
"name": "Red Hat Single Sign-On 7.4.6",
"product_id": "Red Hat Single Sign-On 7.4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1849206"
}
],
"notes": [
{
"category": "description",
"text": "A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping \"\\\u003coption\\\u003e\" elements in \"\\\u003cselect\\\u003e\" ones changes parsing behavior, leading to possibly unsanitizing code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-angular: XSS due to regex-based HTML replacement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Quay does not contain the affected component usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7676"
},
{
"category": "external",
"summary": "RHBZ#1849206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7676",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058",
"url": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058"
}
],
"release_date": "2020-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-angular: XSS due to regex-based HTML replacement"
},
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Lauritz Holtmann"
],
"organization": "Chair for Network and Data Security at Ruhr University Bochum"
}
],
"cve": "CVE-2020-14302",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"discovery_date": "2020-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1849584"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same \"state\" parameter. This flaw allows a malicious user to perform replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reusable \"state\" parameter at redirect_uri endpoint enables possibility of replay attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14302"
},
{
"category": "external",
"summary": "RHBZ#1849584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14302",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14302"
}
],
"release_date": "2020-11-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: reusable \"state\" parameter at redirect_uri endpoint enables possibility of replay attacks"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-23T14:17:45+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:2210
Vulnerability from csaf_redhat - Published: 2021-06-02 14:23 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: EAP XP 1 security update to CVE fixes in the EAP 7.3.x base
Severity
Moderate
Notes
Topic: This advisory resolves CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP1 code base.
NOTE: This advisory is informational only. There are no code changes associated with it. No action is required.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP1 code base.
Security Fix(es):
* velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* netty: Information disclosure via the local system temporary directory (CVE-2021-21290)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure.
6.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat EAP-XP via EAP 7.3.x base
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jbosseapxp
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This advisory resolves CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP1 code base.\n\nNOTE: This advisory is informational only. There are no code changes associated with it. No action is required.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP1 code base.\n\nSecurity Fix(es):\n\n* velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:2210",
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/5734021",
"url": "https://access.redhat.com/articles/5734021"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/5886431",
"url": "https://access.redhat.com/articles/5886431"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1927028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927028"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "1937440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2210.json"
}
],
"title": "Red Hat Security Advisory: EAP XP 1 security update to CVE fixes in the EAP 7.3.x base",
"tracking": {
"current_release_date": "2026-05-14T22:30:46+00:00",
"generator": {
"date": "2026-05-14T22:30:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:2210",
"initial_release_date": "2021-06-02T14:23:22+00:00",
"revision_history": [
{
"date": "2021-06-02T14:23:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-06-02T14:23:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat EAP-XP via EAP 7.3.x base",
"product": {
"name": "Red Hat EAP-XP via EAP 7.3.x base",
"product_id": "Red Hat EAP-XP via EAP 7.3.x base",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jbosseapxp"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"cve": "CVE-2020-13936",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2021-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1937440"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "velocity: arbitrary code execution when attacker is able to modify templates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) openshift-logging/elasticsearch6-rhel8 container does contain a vulnerable version of velocity. The references to the library only occur in the x-pack component which is an enterprise-only feature of Elasticsearch - hence it has been marked as wontfix as this time and may be fixed in a future release. Additionally the hive container only references velocity in the testutils of the code but the code still exists in the container, as such it has been given a Moderate impact.\n\n* Velocity as shipped with Red Hat Enterprise Linux 6 is not affected because it does not contain the vulnerable code.\n\n* Velocity as shipped with Red Hat Enterprise Linux 7 contains a vulnerable version, but it is used as a dependency for IdM/ipa, which does not use the vulnerable functionality. It has been marked as Moderate for this reason.\n\n* Although velocity shipped in Red Hat Enterprise Linux 8\u0027s pki-deps:10.6 for IdM/ipa is a vulnerable version, the vulnerable code is not used by pki. It has been marked as Low for this reason.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13936"
},
{
"category": "external",
"summary": "RHBZ#1937440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936"
}
],
"release_date": "2021-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "velocity: arbitrary code execution when attacker is able to modify templates"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
},
{
"cve": "CVE-2021-21290",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1927028"
}
],
"notes": [
{
"category": "description",
"text": "In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty\u0027s multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Information disclosure via the local system temporary directory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-21290"
},
{
"category": "external",
"summary": "RHBZ#1927028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21290"
}
],
"release_date": "2021-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-02T14:23:22+00:00",
"details": "This advisory is informational only. There are no code changes associated with it. No action is required.",
"product_ids": [
"Red Hat EAP-XP via EAP 7.3.x base"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2210"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat EAP-XP via EAP 7.3.x base"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: Information disclosure via the local system temporary directory"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…