Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-9589 (GCVE-0-2016-9589)
Vulnerability from cvelistv5 – Published: 2018-03-12 15:00 – Updated: 2024-08-06 02:59
VLAI?
EPSS
Summary
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
Severity ?
No CVSS data available.
CWE
Assigner
References
13 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | wildfly |
Affected:
11.0.0.Beta1
|
Date Public ?
2017-03-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:02.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0831",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"name": "RHSA-2017:0876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"name": "RHSA-2017:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"name": "RHSA-2017:3458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0832",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"name": "97060",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97060"
},
{
"name": "RHSA-2017:3455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "RHSA-2017:0873",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"name": "RHSA-2017:3454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"name": "RHSA-2017:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wildfly",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "11.0.0.Beta1"
}
]
}
],
"datePublic": "2017-03-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-13T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:0831",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"name": "RHSA-2017:0876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"name": "RHSA-2017:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"name": "RHSA-2017:3458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0832",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"name": "97060",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97060"
},
{
"name": "RHSA-2017:3455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "RHSA-2017:0873",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"name": "RHSA-2017:3454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"name": "RHSA-2017:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9589",
"datePublished": "2018-03-12T15:00:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:02.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-9589",
"date": "2026-05-19",
"epss": "0.02193",
"percentile": "0.84584"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_wildfly_application_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.1.0\", \"matchCriteriaId\": \"AFA3794D-ABF9-435A-9F91-6491F436CAC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_wildfly_application_server:11.0.0:alpha1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D328974-0F84-4D35-B2E4-0E766AC40E71\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \\\"max-headers\\\" (default 200) * \\\"max-header-size\\\" (default 1MB) per active TCP connection.\"}, {\"lang\": \"es\", \"value\": \"Undertow en Red Hat wildfly, en versiones anteriores a la 11.0.0.Beta1, es vulnerable a un agotamiento de recursos, lo cual resulta en una denegaci\\u00f3n de servicio (DoS). Undertow mantiene una cach\\u00e9 de las cabeceras HTTP vistas en conexiones persistentes. Se ha descubierto que esta cach\\u00e9 puede ser explotada f\\u00e1cilmente para llenar la memoria con elementos no utilizados, hasta \\\"max-headers\\\" (200 por defecto) * \\\"max-header-size\\\" (1MB por defecto) por conexi\\u00f3n TCP activa.\"}]",
"id": "CVE-2016-9589",
"lastModified": "2024-11-21T03:01:27.900",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-03-12T15:29:00.273",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0830.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0831.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0832.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0834.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0876.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97060\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0872\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0873\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3454\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3455\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3456\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3458\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1404782\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0830.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0831.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0832.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0834.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0876.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97060\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0872\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0873\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3455\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3456\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3458\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1404782\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9589\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-03-12T15:29:00.273\",\"lastModified\":\"2024-11-21T03:01:27.900\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \\\"max-headers\\\" (default 200) * \\\"max-header-size\\\" (default 1MB) per active TCP connection.\"},{\"lang\":\"es\",\"value\":\"Undertow en Red Hat wildfly, en versiones anteriores a la 11.0.0.Beta1, es vulnerable a un agotamiento de recursos, lo cual resulta en una denegaci\u00f3n de servicio (DoS). Undertow mantiene una cach\u00e9 de las cabeceras HTTP vistas en conexiones persistentes. Se ha descubierto que esta cach\u00e9 puede ser explotada f\u00e1cilmente para llenar la memoria con elementos no utilizados, hasta \\\"max-headers\\\" (200 por defecto) * \\\"max-header-size\\\" (1MB por defecto) por conexi\u00f3n TCP activa.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_wildfly_application_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.0\",\"matchCriteriaId\":\"AFA3794D-ABF9-435A-9F91-6491F436CAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_wildfly_application_server:11.0.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D328974-0F84-4D35-B2E4-0E766AC40E71\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0830.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0831.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0832.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0834.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0876.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97060\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0872\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0873\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3454\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3455\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3456\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3458\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1404782\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0830.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0831.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0834.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0876.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97060\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0873\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1404782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
}
}
CNVD-2017-05279
Vulnerability from cnvd - Published: 2017-04-25
VLAI Severity ?
Title
Redhat Wildfly拒绝服务漏洞
Description
Red Hat Wildfly(前称JBoss Application Server)是美国红帽(Red Hat)公司的一款基于JavaEE的开源应用服务器。
Redhat Wildfly存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务。
Severity
中
Patch Name
Redhat Wildfly拒绝服务漏洞的补丁
Patch Description
Red Hat Wildfly(前称JBoss Application Server)是美国红帽(Red Hat)公司的一款基于JavaEE的开源应用服务器。
Redhat Wildfly存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://bugzilla.redhat.com/show_bug.cgi?id=1404782
Reference
http://www.securityfocus.com/bid/97060
Impacted products
| Name | Red Hat Wildfly |
|---|
{
"bids": {
"bid": {
"bidNumber": "97060"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2016-9589",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9589"
}
},
"description": "Red Hat Wildfly\uff08\u524d\u79f0JBoss Application Server\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eJavaEE\u7684\u5f00\u6e90\u5e94\u7528\u670d\u52a1\u5668\u3002\r\n\r\nRedhat Wildfly\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Gabriel Lavoie (Halogen Software)",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1404782",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-05279",
"openTime": "2017-04-25",
"patchDescription": "Red Hat Wildfly\uff08\u524d\u79f0JBoss Application Server\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eJavaEE\u7684\u5f00\u6e90\u5e94\u7528\u670d\u52a1\u5668\u3002\r\n\r\nRedhat Wildfly\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Redhat Wildfly\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Red Hat Wildfly"
},
"referenceLink": "http://www.securityfocus.com/bid/97060",
"serverity": "\u4e2d",
"submitTime": "2017-03-28",
"title": "Redhat Wildfly\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
FKIE_CVE-2016-9589
Vulnerability from fkie_nvd - Published: 2018-03-12 15:29 - Updated: 2024-11-21 03:01
Severity ?
Summary
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | jboss_wildfly_application_server | * | |
| redhat | jboss_wildfly_application_server | 11.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_wildfly_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA3794D-ABF9-435A-9F91-6491F436CAC9",
"versionEndIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_wildfly_application_server:11.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "6D328974-0F84-4D35-B2E4-0E766AC40E71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection."
},
{
"lang": "es",
"value": "Undertow en Red Hat wildfly, en versiones anteriores a la 11.0.0.Beta1, es vulnerable a un agotamiento de recursos, lo cual resulta en una denegaci\u00f3n de servicio (DoS). Undertow mantiene una cach\u00e9 de las cabeceras HTTP vistas en conexiones persistentes. Se ha descubierto que esta cach\u00e9 puede ser explotada f\u00e1cilmente para llenar la memoria con elementos no utilizados, hasta \"max-headers\" (200 por defecto) * \"max-header-size\" (1MB por defecto) por conexi\u00f3n TCP activa."
}
],
"id": "CVE-2016-9589",
"lastModified": "2024-11-21T03:01:27.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-12T15:29:00.273",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97060"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-P4XG-CPR9-VWVJ
Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2023-11-02 16:05
VLAI?
Summary
Red Hat Wildfly DoS
Details
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.wildfly:wildfly-undertow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.0.Beta1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-9589"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-28T21:38:39Z",
"nvd_published_at": "2018-03-12T15:29:00Z",
"severity": "HIGH"
},
"details": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection.",
"id": "GHSA-p4xg-cpr9-vwvj",
"modified": "2023-11-02T16:05:42Z",
"published": "2022-05-13T01:38:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"type": "PACKAGE",
"url": "https://github.com/wildfly/wildfly"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200227180917/https://www.securityfocus.com/bid/97060"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Red Hat Wildfly DoS"
}
GSD-2016-9589
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-9589",
"description": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection.",
"id": "GSD-2016-9589",
"references": [
"https://access.redhat.com/errata/RHSA-2017:3458",
"https://access.redhat.com/errata/RHSA-2017:3456",
"https://access.redhat.com/errata/RHSA-2017:3455",
"https://access.redhat.com/errata/RHSA-2017:3454",
"https://access.redhat.com/errata/RHSA-2017:0876",
"https://access.redhat.com/errata/RHSA-2017:0873",
"https://access.redhat.com/errata/RHSA-2017:0872",
"https://access.redhat.com/errata/RHSA-2017:0834",
"https://access.redhat.com/errata/RHSA-2017:0832",
"https://access.redhat.com/errata/RHSA-2017:0831",
"https://access.redhat.com/errata/RHSA-2017:0830"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-9589"
],
"details": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection.",
"id": "GSD-2016-9589",
"modified": "2023-12-13T01:21:21.283140Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wildfly",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0.Beta1"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-400",
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2017:3454",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:3455",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:3456",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:3458",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2017-0830.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2017-0831.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2017-0832.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2017-0834.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2017-0876.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"name": "http://www.securityfocus.com/bid/97060",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/97060"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:0872",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:0873",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,11.0.0.Beta1)",
"affected_versions": "All versions before 11.0.0.beta1",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2023-07-28",
"description": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection.",
"fixed_versions": [
"11.0.0.Beta1"
],
"identifier": "CVE-2016-9589",
"identifiers": [
"GHSA-p4xg-cpr9-vwvj",
"CVE-2016-9589"
],
"not_impacted": "",
"package_slug": "maven/org.wildfly/wildfly-parent",
"pubdate": "2022-05-13",
"solution": "Upgrade to version 11.0.0.Beta1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"https://access.redhat.com/errata/RHSA-2017:0872",
"https://access.redhat.com/errata/RHSA-2017:0873",
"https://access.redhat.com/errata/RHSA-2017:3454",
"https://access.redhat.com/errata/RHSA-2017:3455",
"https://access.redhat.com/errata/RHSA-2017:3456",
"https://access.redhat.com/errata/RHSA-2017:3458",
"https://bugzilla.redhat.com/show_bug.cgi?id=1404782",
"http://rhn.redhat.com/errata/RHSA-2017-0830.html",
"http://rhn.redhat.com/errata/RHSA-2017-0831.html",
"http://rhn.redhat.com/errata/RHSA-2017-0832.html",
"http://rhn.redhat.com/errata/RHSA-2017-0834.html",
"http://rhn.redhat.com/errata/RHSA-2017-0876.html",
"http://www.securityfocus.com/bid/97060",
"https://github.com/advisories/GHSA-p4xg-cpr9-vwvj"
],
"uuid": "d0ad6afa-39ec-4620-a5ff-be7ee9f618d9"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_wildfly_application_server:11.0.0:alpha1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_wildfly_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9589"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"name": "RHSA-2017:3458",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:3456",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "RHSA-2017:3455",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3454",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0873",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"name": "RHSA-2017:0872",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"name": "97060",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97060"
},
{
"name": "RHSA-2017:0876",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0876.html"
},
{
"name": "RHSA-2017:0834",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0834.html"
},
{
"name": "RHSA-2017:0832",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0832.html"
},
{
"name": "RHSA-2017:0831",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0831.html"
},
{
"name": "RHSA-2017:0830",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0830.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-09T23:20Z",
"publishedDate": "2018-03-12T15:29Z"
}
}
}
RHSA-2017:0830
Vulnerability from csaf_redhat - Published: 2017-03-22 17:21 - Updated: 2025-11-21 17:59Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting this issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
11 references
Acknowledgments
Halogen Software
Gabriel Lavoie
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)\n\nRed Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0830",
"url": "https://access.redhat.com/errata/RHSA-2017:0830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0830.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update",
"tracking": {
"current_release_date": "2025-11-21T17:59:59+00:00",
"generator": {
"date": "2025-11-21T17:59:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:0830",
"initial_release_date": "2017-03-22T17:21:20+00:00",
"revision_history": [
{
"date": "2017-03-22T17:21:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-03-22T17:21:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:59:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7",
"product": {
"name": "Red Hat JBoss EAP 7",
"product_id": "Red Hat JBoss EAP 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T17:21:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0830"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
}
]
}
RHSA-2017:0831
Vulnerability from csaf_redhat - Published: 2017-03-22 17:52 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.5 on RHEL 6
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2016-8656)
* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.
7.0 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
17 references
Acknowledgments
Halogen Software
Gabriel Lavoie
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2016-8656)\n\n* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)\n\nRed Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0831",
"url": "https://access.redhat.com/errata/RHSA-2017:0831"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "JBEAP-6995",
"url": "https://issues.redhat.com/browse/JBEAP-6995"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0831.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.5 on RHEL 6",
"tracking": {
"current_release_date": "2026-03-18T01:43:50+00:00",
"generator": {
"date": "2026-03-18T01:43:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0831",
"initial_release_date": "2017-03-22T17:52:40+00:00",
"revision_history": [
{
"date": "2017-03-22T17:52:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-03-22T17:52:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-msc@1.2.7-1.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.3-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.0.35-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.0.35-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.29-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.27-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.5-2.GA_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.5-3.GA_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.5-3.GA_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.22-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-msc@1.2.7-1.SP1_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.3-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.0.35-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src",
"product_id": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"product_id": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-3.SP1_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.0.12-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"product_id": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-16.SP19_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.29-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.27-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-6.SP6_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.5-2.GA_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"product": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"product_id": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-12.redhat_4.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"product_id": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.5-3.GA_redhat_2.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.7-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product_id": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-12.redhat_4.ep7.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-12.redhat_4.ep7.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product_id": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-12.redhat_4.ep7.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-12.redhat_4.ep7.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686"
},
"product_reference": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src"
},
"product_reference": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64"
},
"product_reference": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8656",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1400344"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It was found that a variant of the Tomcat CVE-2016-1240 exploit is also applicable to Red Hat JBoss Enterprise Application Platform 5, 6, and 7. CVE-2016-8656 addresses these problems with JBoss EAP. The issue is now corrected in the various versions of Red Hat JBoss Enterprise Application Platform including EAP 6.4.13 and EAP 7.0.5. For further information please refer to https://access.redhat.com/articles/3016681",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8656"
},
{
"category": "external",
"summary": "RHBZ#1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8656",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656"
}
],
"release_date": "2016-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T17:52:40+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0831"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T17:52:40+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0831"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.i686",
"6Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el6.x86_64",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
}
]
}
RHSA-2017:0832
Vulnerability from csaf_redhat - Published: 2017-03-22 17:51 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.5 on RHEL 7
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2016-8656)
* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.
7.0 (High)
Affected products
Fixed
94 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
94 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
17 references
Acknowledgments
Halogen Software
Gabriel Lavoie
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2016-8656)\n\n* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)\n\nRed Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0832",
"url": "https://access.redhat.com/errata/RHSA-2017:0832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "JBEAP-6996",
"url": "https://issues.redhat.com/browse/JBEAP-6996"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0832.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.5 on RHEL 7",
"tracking": {
"current_release_date": "2026-03-18T01:43:49+00:00",
"generator": {
"date": "2026-03-18T01:43:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0832",
"initial_release_date": "2017-03-22T17:51:39+00:00",
"revision_history": [
{
"date": "2017-03-22T17:51:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-03-22T17:51:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-msc@1.2.7-1.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.3-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.0.35-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.0.35-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.29-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.27-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.5-2.GA_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.5-3.GA_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.5-3.GA_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.22-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-msc@1.2.7-1.SP1_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.3-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.0.35-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"product_id": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-3.SP1_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src",
"product_id": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.0.12-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"product_id": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-16.SP19_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.29-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@1.3.27-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-6.SP6_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.5-2.GA_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"product": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"product_id": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-12.redhat_4.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"product_id": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.5-3.GA_redhat_2.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.7-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product_id": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.1.0-12.redhat_4.ep7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.1.0-12.redhat_4.ep7.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src"
},
"product_reference": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64"
},
"product_reference": "eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8656",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1400344"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It was found that a variant of the Tomcat CVE-2016-1240 exploit is also applicable to Red Hat JBoss Enterprise Application Platform 5, 6, and 7. CVE-2016-8656 addresses these problems with JBoss EAP. The issue is now corrected in the various versions of Red Hat JBoss Enterprise Application Platform including EAP 6.4.13 and EAP 7.0.5. For further information please refer to https://access.redhat.com/articles/3016681",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8656"
},
{
"category": "external",
"summary": "RHBZ#1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8656",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656"
}
],
"release_date": "2016-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T17:51:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0832"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T17:51:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0832"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-16.SP19_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-artemis-native-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-artemis-native-wildfly-0:1.1.0-12.redhat_4.ep7.el7.x86_64",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-0:5.0.12-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.12-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-msc-0:1.2.7-1.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.3-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.22-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.22-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-netty-0:4.0.35-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-netty-all-0:4.0.35-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-6.SP6_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-3.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-undertow-0:1.3.27-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.5-3.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.5-2.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.5-3.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.29-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.8-1.redhat_1.1.ep7.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
}
]
}
RHSA-2017:0834
Vulnerability from csaf_redhat - Published: 2017-03-22 18:01 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.0.5
Severity
Important
Notes
Topic: An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the eap7-jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 7.0.5.
Refer to the JBoss Enterprise Application Platform 7.0.5 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
*It was discovered that the jboss init script performed unsafe file handling
which could result in local privilege escalation.(CVE-2016-8656)
*It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.(CVE-2016-9589)
The CVE-2016-9589 issue was discovered by Gabriel Lavoie (Halogen Software).
Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.
7.0 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
16 references
Acknowledgments
Halogen Software
Gabriel Lavoie
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 7.0.5.\n\nRefer to the JBoss Enterprise Application Platform 7.0.5 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n*It was discovered that the jboss init script performed unsafe file handling\nwhich could result in local privilege escalation.(CVE-2016-8656)\n\n*It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.(CVE-2016-9589)\n\nThe CVE-2016-9589 issue was discovered by Gabriel Lavoie (Halogen Software).\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0834",
"url": "https://access.redhat.com/errata/RHSA-2017:0834"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "JBEAP-6997",
"url": "https://issues.redhat.com/browse/JBEAP-6997"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0834.json"
}
],
"title": "Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.0.5",
"tracking": {
"current_release_date": "2026-03-18T01:43:49+00:00",
"generator": {
"date": "2026-03-18T01:43:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0834",
"initial_release_date": "2017-03-22T18:01:35+00:00",
"revision_history": [
{
"date": "2017-03-22T18:01:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-03-22T18:01:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.5-1.GA_redhat_1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.5-1.GA_redhat_1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.5-1.GA_redhat_1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.5-1.GA_redhat_1.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.5-1.GA_redhat_1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.5-1.GA_redhat_1.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8656",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1400344"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It was found that a variant of the Tomcat CVE-2016-1240 exploit is also applicable to Red Hat JBoss Enterprise Application Platform 5, 6, and 7. CVE-2016-8656 addresses these problems with JBoss EAP. The issue is now corrected in the various versions of Red Hat JBoss Enterprise Application Platform including EAP 6.4.13 and EAP 7.0.5. For further information please refer to https://access.redhat.com/articles/3016681",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8656"
},
{
"category": "external",
"summary": "RHBZ#1400344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8656",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8656"
}
],
"release_date": "2016-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T18:01:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0834"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-03-22T18:01:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0834"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.5-1.GA_redhat_1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.5-1.GA_redhat_1.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
}
]
}
RHSA-2017:0872
Vulnerability from csaf_redhat - Published: 2017-04-04 17:26 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.1 update on RHEL 6
Severity
Moderate
Notes
Topic: Red Hat Single Sign-On 7.1 is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section.
Security Fix(es):
* It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the REST server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. (CVE-2016-8629)
* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)
* It was found that keycloak's implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. (CVE-2017-2585)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589 and Richard Kettelerij (Mindloops) for reporting CVE-2017-2585.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm.
4.3 (Medium)
Affected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that keycloak's implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.
CWE-385 - Covert Timing ChannelAffected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
20 references
Acknowledgments
Halogen Software
Gabriel Lavoie
Mindloops
Richard Kettelerij
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Single Sign-On 7.1 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the REST server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. (CVE-2016-8629)\n\n* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)\n\n* It was found that keycloak\u0027s implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. (CVE-2017-2585)\n\nRed Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589 and Richard Kettelerij (Mindloops) for reporting CVE-2017-2585.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0872",
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/release_notes/"
},
{
"category": "external",
"summary": "1388988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388988"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "1412376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412376"
},
{
"category": "external",
"summary": "RHSSO-427",
"url": "https://issues.redhat.com/browse/RHSSO-427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0872.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.1 update on RHEL 6",
"tracking": {
"current_release_date": "2026-03-18T01:43:43+00:00",
"generator": {
"date": "2026-03-18T01:43:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0872",
"initial_release_date": "2017-04-04T17:26:43+00:00",
"revision_history": [
{
"date": "2017-04-04T17:26:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-04-04T17:26:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product": {
"name": "Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_id": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing-core@3.2.1-1.redhat_4.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_id": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing@3.2.1-1.redhat_4.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_id": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing-javase@3.2.1-1.redhat_4.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"product_id": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-freemarker@2.3.23-1.redhat_2.2.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product_id": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-python-javapackages@3.4.1-5.15.3.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product_id": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product_id": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j@4.0.4-1.redhat_3.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product_id": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j-core@4.0.4-1.redhat_3.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product_id": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase-core@3.4.1-2.redhat_2.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product_id": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase@3.4.1-2.redhat_2.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product_id": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@2.5.5-2.Final_redhat_1.1.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product_id": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@2.5.5-2.Final_redhat_1.1.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"product": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"product_id": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing@3.2.1-1.redhat_4.1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"product": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"product_id": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-freemarker@2.3.23-1.redhat_2.2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"product": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"product_id": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-0:1-2.jbcs.el6.src",
"product": {
"name": "rh-sso7-0:1-2.jbcs.el6.src",
"product_id": "rh-sso7-0:1-2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7@1-2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"product": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"product_id": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j@4.0.4-1.redhat_3.1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"product": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"product_id": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase@3.4.1-2.redhat_2.1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"product": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"product": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"product_id": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@2.5.5-2.Final_redhat_1.1.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"product": {
"name": "rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"product_id": "rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-runtime@1-2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-0:1-2.jbcs.el6.x86_64",
"product": {
"name": "rh-sso7-0:1-2.jbcs.el6.x86_64",
"product_id": "rh-sso7-0:1-2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7@1-2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-debuginfo@0.8.0-2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-devel@0.8.0-2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.jbcs.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-0:1-2.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src"
},
"product_reference": "rh-sso7-0:1-2.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-0:1-2.jbcs.el6.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64"
},
"product_reference": "rh-sso7-0:1-2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src"
},
"product_reference": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src"
},
"product_reference": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src"
},
"product_reference": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src"
},
"product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src"
},
"product_reference": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-runtime-0:1-2.jbcs.el6.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64"
},
"product_reference": "rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src"
},
"product_reference": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src"
},
"product_reference": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 6 Server",
"product_id": "6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
},
"product_reference": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-RHSSO-7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8629",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388988"
}
],
"notes": [
{
"category": "description",
"text": "It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user deletion via incorrect permissions check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8629"
},
{
"category": "external",
"summary": "RHBZ#1388988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8629",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8629"
}
],
"release_date": "2017-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user deletion via incorrect permissions check"
},
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
},
{
"acknowledgments": [
{
"names": [
"Richard Kettelerij"
],
"organization": "Mindloops"
}
],
"cve": "CVE-2017-2585",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1412376"
}
],
"notes": [
{
"category": "description",
"text": "It was found that keycloak\u0027s implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: timing attack in JWS signature verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2585"
},
{
"category": "external",
"summary": "RHBZ#1412376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2585"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2585",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2585"
}
],
"release_date": "2017-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0872"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el6.x86_64",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el6.src",
"6Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch",
"6Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: timing attack in JWS signature verification"
}
]
}
RHSA-2017:0873
Vulnerability from csaf_redhat - Published: 2017-04-04 17:26 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.1 update on RHEL 7
Severity
Moderate
Notes
Topic: Red Hat Single Sign-On 7.1 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section.
Security Fix(es):
* It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the REST server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. (CVE-2016-8629)
* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)
* It was found that keycloak's implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. (CVE-2017-2585)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589 and Richard Kettelerij (Mindloops) for reporting CVE-2017-2585.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm.
4.3 (Medium)
Affected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.
7.5 (High)
Affected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that keycloak's implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.
CWE-385 - Covert Timing ChannelAffected products
Fixed
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
20 references
Acknowledgments
Halogen Software
Gabriel Lavoie
Mindloops
Richard Kettelerij
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Single Sign-On 7.1 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the REST server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. (CVE-2016-8629)\n\n* It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack. (CVE-2016-9589)\n\n* It was found that keycloak\u0027s implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. (CVE-2017-2585)\n\nRed Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589 and Richard Kettelerij (Mindloops) for reporting CVE-2017-2585.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0873",
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/release_notes/"
},
{
"category": "external",
"summary": "1388988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388988"
},
{
"category": "external",
"summary": "1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "1412376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412376"
},
{
"category": "external",
"summary": "RHSSO-426",
"url": "https://issues.redhat.com/browse/RHSSO-426"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0873.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.1 update on RHEL 7",
"tracking": {
"current_release_date": "2026-03-18T01:43:42+00:00",
"generator": {
"date": "2026-03-18T01:43:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0873",
"initial_release_date": "2017-04-04T17:26:10+00:00",
"revision_history": [
{
"date": "2017-04-04T17:26:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-04-04T17:26:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product": {
"name": "Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-0:1-2.jbcs.el7.src",
"product": {
"name": "rh-sso7-0:1-2.jbcs.el7.src",
"product_id": "rh-sso7-0:1-2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7@1-2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"product": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"product_id": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"product": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"product_id": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-freemarker@2.3.23-1.redhat_2.2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"product": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"product_id": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j@4.0.4-1.redhat_3.1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"product": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"product_id": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing@3.2.1-1.redhat_4.1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"product": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"product_id": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase@3.4.1-2.redhat_2.1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"product": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"product": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"product_id": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@2.5.5-2.Final_redhat_1.1.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"product": {
"name": "rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"product_id": "rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-runtime@1-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-0:1-2.jbcs.el7.x86_64",
"product": {
"name": "rh-sso7-0:1-2.jbcs.el7.x86_64",
"product_id": "rh-sso7-0:1-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7@1-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-devel@0.8.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-debuginfo@0.8.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"product": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product_id": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-python-javapackages@3.4.1-5.15.3.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product_id": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"product_id": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-freemarker@2.3.23-1.redhat_2.2.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product_id": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j@4.0.4-1.redhat_3.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product_id": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-twitter4j-core@4.0.4-1.redhat_3.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_id": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing-core@3.2.1-1.redhat_4.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_id": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing@3.2.1-1.redhat_4.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_id": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-zxing-javase@3.2.1-1.redhat_4.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product_id": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase@3.4.1-2.redhat_2.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product_id": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-liquibase-core@3.4.1-2.redhat_2.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product_id": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@2.5.5-2.Final_redhat_1.1.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product_id": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@2.5.5-2.Final_redhat_1.1.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-0:1-2.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src"
},
"product_reference": "rh-sso7-0:1-2.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-0:1-2.jbcs.el7.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64"
},
"product_reference": "rh-sso7-0:1-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src"
},
"product_reference": "rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src"
},
"product_reference": "rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src"
},
"product_reference": "rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src"
},
"product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64"
},
"product_reference": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src"
},
"product_reference": "rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-runtime-0:1-2.jbcs.el7.x86_64 as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64"
},
"product_reference": "rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src"
},
"product_reference": "rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src"
},
"product_reference": "rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch as a component of Red Hat Single Sign-On 7.1 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
},
"product_reference": "rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8629",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388988"
}
],
"notes": [
{
"category": "description",
"text": "It was found that keycloak did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user deletion via incorrect permissions check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8629"
},
{
"category": "external",
"summary": "RHBZ#1388988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8629",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8629"
}
],
"release_date": "2017-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user deletion via incorrect permissions check"
},
{
"acknowledgments": [
{
"names": [
"Gabriel Lavoie"
],
"organization": "Halogen Software"
}
],
"cve": "CVE-2016-9589",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1404782"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9589"
},
{
"category": "external",
"summary": "RHBZ#1404782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9589"
}
],
"release_date": "2017-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage"
},
{
"acknowledgments": [
{
"names": [
"Richard Kettelerij"
],
"organization": "Mindloops"
}
],
"cve": "CVE-2017-2585",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1412376"
}
],
"notes": [
{
"category": "description",
"text": "It was found that keycloak\u0027s implementation of HMAC verification for JWS tokens uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: timing attack in JWS signature verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2585"
},
{
"category": "external",
"summary": "RHBZ#1412376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2585"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2585",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2585"
}
],
"release_date": "2017-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-04-04T17:26:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0873"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-freemarker-0:2.3.23-1.redhat_2.2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-javapackages-tools-0:3.4.1-5.15.3.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-keycloak-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-keycloak-server-0:2.5.5-2.Final_redhat_1.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-liquibase-0:3.4.1-2.redhat_2.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-liquibase-core-0:3.4.1-2.redhat_2.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-python-javapackages-0:3.4.1-5.15.3.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-runtime-0:1-2.jbcs.el7.x86_64",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-0:4.0.4-1.redhat_3.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-twitter4j-core-0:4.0.4-1.redhat_3.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-0:3.2.1-1.redhat_4.1.jbcs.el7.src",
"7Server-RHSSO-7.1:rh-sso7-zxing-core-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch",
"7Server-RHSSO-7.1:rh-sso7-zxing-javase-0:3.2.1-1.redhat_4.1.jbcs.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: timing attack in JWS signature verification"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…